40 matches found
CVE-2025-39681
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrlcpudetect in bspinit helper Since 923f3a2b48bd "x86/resctrl: Query LLC monitoring properties once during boot" resctrlcpudetect has been moved from common CPU initialization code to the...
CVE-2025-38417
In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario Add simple eswitch mode checker in attaching VF procedure and allocate required port representor memory structures only in switchdev mode. The reset flows triggers VF if present...
CVE-2025-30749
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...
CVE-2025-38199
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak due to multiple rxstats allocation rxstats for each arsta is allocated when adding a station. arsta-rxstats will be freed when a station is removed. Redundant allocations are occurring when the same...
CVE-2025-52992
The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content of a store outside of the build sandbox. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and...
CVE-2022-50158
In the Linux kernel, the following vulnerability has been resolved: mtd: partitions: Fix refcount leak in parseredbootof ofgetchildbyname returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...
CVE-2022-50136
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...
CVE-2025-38071
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblockphysallocrange At least with CONFIGPHYSICALSTART=0x100000, if there is 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because memblockphysallocrange...
CVE-2025-37923
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in traceseqtobuffer syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in traceseqtobuffer kernel/trace/trace.c:1830 inline BUG: KASA...
CVE-2025-37892
In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Add error check for inftlreadoob In INFTLfindwriteunit, the return value of inftlreadoob need to be checked. A proper implementation can be found in INFTLdeleteblock. The status will be set as SECTORIGNORE to brea...
CVE-2025-38104
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment., including TLB...
bind security update
32:9.11.4-26.0.3.P2.16 - Resolve CVE-2024-11187 Orabug: 37616907...
CVE-2022-49703
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...
CVE-2022-49451
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of returned protocols is currently validated in an...
CVE-2022-49252
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeoflong is 8 compared to enum size which is 4 byt...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: redis:7 security update
An update for the redis:7 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
.NET 9.0 security update
9.0.102-1.0.1 - Add support for Oracle Linux 9.0.102-1 - Update to .NET SDK 9.0.102 and Runtime 9.0.1 - Resolves: RHEL-71551...
CVE-2024-57881
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...
dpdk security update
23.11-2 - Backport fixes for CVE-2024-11614 RHEL-68600...