[SECURITY] Fedora 41 Update: php-phpseclib-2.0.48-1.fc41

MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...

The vulnerability of the Adobe Bridge file manager, caused by a loss of precision for an integer, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager arises from a loss of precision for a whole number. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...

PT-2026-20418

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0+ 101 Description The Linux kernel contains an issue within the iwlwifi module related to PTP Precision Time Protocol clock registration for MVM Media and Wireless Multimedia and MLD Mac80211 with Linux...

The vulnerability of the XnSoft XnView Classic software for viewing and editing images, related to a countable loss of significance, allows a hacker to execute arbitrary code.

The vulnerability of the XnSoft XnView Classic software for viewing and editing images is related to a numerical loss of significance during file processing in RWZ format. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations, related to a countable loss of significance, allows attackers to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to a countable amount of significance loss. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the EVGA Precision X1 system’s software relates to the unsafe use of privileges, allowing a violator to increase their privileges.

The vulnerability of the EVGA Precision X1 system’s software relates to insecure handling of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to “NT AUTHORITY\SYSTEM” by associating \Device\PhysicalMemory with the calling process...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52778: mptcp: deal with large GSO size bsc1224948. CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking bsc1232823...

OESA-2024-2492 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fi...

OESA-2024-2448 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fi...

OESA-2024-2447 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fi...

kernel: net: atlantic: Fix DMA mapping for PTP hwts ring

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring Function aqringhwtsrxalloc maps extra AQCFGRXDSDEF bytes for PTP HWTS ring but then generic aqringfree does not take this into account. Create and use a specific function to free...

SUSE-SU-2024:3976-1 Security update for pcp

This update for pcp fixes the following issues: pcp was updated from version 3.11.9 to version 6.2.0 jscPED-8192, jscPED-8389: - Security issues fixed: CVE-2024-45770: Fixed a symlink attack that allows escalating from the pcp to the root user bsc1230552 CVE-2024-45769: Fixed a heap corruption...

SUSE CVE-2023-52920

In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction jump history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10...

SUSE CVE-2024-50097

In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms such as i.MX25 and i.MX27 do not support PTP, so on these platforms fecptpinit is not called and the related members in fep are not initialized. However,...

VulnCheck KEV: CVE-2020-14979

The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X1 through 1.0.6 allow local users, including low integrity processes, to read and write to arbitrary memory locations. This allows any user to gain NT AUTHORITY\SYSTEM privileges by mapping \Device\PhysicalMemory into the...

DEBIAN-CVE-2024-50097

In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms such as i.MX25 and i.MX27 do not support PTP, so on these platforms fecptpinit is not called and the related members in fep are not initialized. However,...

UBUNTU-CVE-2024-50097

In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms such as i.MX25 and i.MX27 do not support PTP, so on these platforms fecptpinit is not called and the related members in fep are not initialized. However,...

CVE-2024-50097 net: fec: don't save PTP state if PTP is unsupported

In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms such as i.MX25 and i.MX27 do not support PTP, so on these platforms fecptpinit is not called and the related members in fep are not initialized. However,...