CVE-2025-68375 perf/x86: Fix NULL event access and potential PEBS record loss

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...

CVE-2025-68370

In the Linux kernel, CVE-2025-68370 affects the coresight tmc path handling. The fix adds the event handle to the coresight_path so dependent devices can access it (required to retrieve AUX_EVENT per CPU in perf mode). Reproduction example uses perf record -e cs_etm//k -C 0-9, which could trigger...

CVE-2025-68370 coresight: tmc: add the handle of the event to the path

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: add the handle of the event to the path The handle is essential for retrieving the AUXEVENT of each CPU and is required in perf mode. It has been added to the coresightpath so that dependent devices can access it...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of OPP, which could lead to reuse after release...

PT-2025-52911

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s perf/x86 component related to handling PEBS records and interrupt throttling. Specifically, when the intel pmu drain pebs icl function processes the...

Post-Quantum Cryptography in the 5G Core

In this work, the conventional cryptographic algorithms used in the 5G Core are replaced with post-quantum alternatives and the practical impact of this transition is evaluated. Using a simulation environment, we model the registration and deregistration of varying numbers of user equipments UEs...

rexml: REXML denial of service

A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...

CLSA-2025-1766136361 exiv2: Fix of CVE-2025-55304

CVE-2025-55304: add new method appendIccProfile to fix quadratic performance issue...

SUSE SLES15 / openSUSE 15 Security Update : golang-github-prometheus-alertmanager (SUSE-SU-2025:4481-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4481-1 advisory. - Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on...

Security update for python36

This update for python36 fixes the following issues: CVE-2025-6075: quadratic complexity in os.path.expandvars can lead to performance degradation when values passed to it are user-controlled bsc1252974. CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory EOCD record allo...

CVE-2025-14437

The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials...

Security update for golang-github-prometheus-alertmanager

This update for golang-github-prometheus-alertmanager fixes the following issues: Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on escaping in UTF-8 matchers. Update alertmanagerconfighash metric help to document...

[SECURITY] Fedora 43 Update: nebula-1.10.0-2.fc43

A scalable overlay networking tool with a focus on performance, simplicity and security...

PT-2025-52217

Name of the Vulnerable Software and Affected Versions Hummingbird Performance plugin for WordPress versions prior to 3.18.1 Description The Hummingbird Performance plugin for WordPress is susceptible to exposure of sensitive information. This affects unauthenticated attackers who can extract data...

Akamai Cloud: New G8 Dedicated Hardware and Performance VM Shapes

...

Akamai Cloud: New G8 Dedicated Hardware and Performance VM Shapes

...

SUSE CVE-2025-40359

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. ================================================================== BUG:...

CVE-2025-40359 perf/x86/intel: Fix KASAN global-out-of-bounds warning

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix KASAN global-out-of-bounds warning When running "perf mem record" command on CWF, the below KASAN global-out-of-bounds warning is seen. ================================================================== BUG:...

SUSE CVE-2025-12084

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of transfer failures, which could lead to performance degradation...