MAL-2025-48411 Malicious code in private-callout-queue (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7962ea070e8c6d0dc03b62736d3b83c52ac2367d2f5949252c86fa295aac63b2 Any computer that has this package installed or running should be considered...

SUSE-SU-2025:03578-1 Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024161 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...

SUSE-SU-2025:03563-1 Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. - CVE-2025-21791: vrf: use RCU protection in l3mdevl3out bsc1240744. - CVE-2025-38089: sunrpc: hand...

SUSE-SU-2025:03559-1 Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005597 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...

PT-2025-41731

Name of the Vulnerable Software and Affected Versions Tomofun Furbo 360 versions prior to FB0035 FW 036 Tomofun Furbo Mini versions prior to MC0020 FW 074 Description A security flaw exists in Tomofun Furbo 360 and Furbo Mini devices. The issue involves manipulation of the file /squashfs-root/fur...

SUSE-SU-2025:03554-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315. -...

SUSE-SU-2025:03539-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072. -...

mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable()

...

PT-2025-46641

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the drm/xe/guc subsystem. Specifically, the issue relates to the handling of exec queue deregistration when the GuC Graphics Unit Controller is no...

SUSE SLES12 Security Update : kernel (Live Patch 70 for SLE 12 SP5) (SUSE-SU-2025:03485-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03485-1 advisory. This update for the Linux Kernel 4.12.14-122266 fixes one issue. The following security issue was fixed: - CVE-2025-38477: net/sched: schqfq: Fix race...

AlmaLinux 10 : kernel (ALSA-2025:14009)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14009 advisory. kernel: bpf, testrun: Fix use-after-free issue in ethskbpkttype CVE-2025-21867 kernel: net: fix udp gso skbsegment after pull from fraglist CVE-2025-381...

SUSE CVE-2022-50552

In the Linux kernel, the following vulnerability has been resolved: blk-mq: use quiesced elevator switch when reinitializing queues The hctx's runwork may be racing with the elevator switch when reinitializing hardware queues. The queue is merely frozen in this context, but that only prevents...

SUSE CVE-2023-53635

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct-timeout value struct nfconn-timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirmed conntrack: - Set by...

SUSE-SU-2025:03498-1 Security update for the Linux Kernel (Live Patch 68 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122258 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2025-38477: net/sched: schqfq: Fix race condition on qfqaggregate bsc1247315...

EUVD-2025-31872

EUVD-2025-31872...

EUVD-2025-31877

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Linux Distros Unpatched Vulnerability : CVE-2023-53469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro...

Linux Distros Unpatched Vulnerability : CVE-2023-53463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ibmvnic: Do not reset dql stats on NONFATAL err All ibmvnic resets, make a call to netdevtxresetqueue when re-opening the device. netdevtxresetqueue resets the...

Linux Distros Unpatched Vulnerability : CVE-2023-53510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the followin...

Linux Distros Unpatched Vulnerability : CVE-2025-61765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior ...