media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID

...

USN-7834-1: Linux kernel (Azure) vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...

Ubuntu 18.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-7832-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7832-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

AWS Outage: Lessons Learned

What can we learn from the recent AWS outage, and how can we apply those lessons to our own infrastructure? What Happened? On October 20, 2025 , AWS experienced a major disruption that rippled across the internet and social media, affecting widely used services such as Zoom, Microsoft Teams, Slac...

USN-7819-2: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; -...

USN-7819-2 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; -...

CVE-2025-62480

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Naming Subsystem. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...

CVE-2025-62480

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Naming Subsystem. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...

EUVD-2025-35228

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Naming Subsystem. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...

USN-7832-1 linux-oracle-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

USN-7832-1: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987699 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubpro...

PT-2025-49086

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s xfrm subsystem where the xfrm state delete tunnel function is not consistently called for states that were initialized but never fully added. This can...

EUVD-2025-35065

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...

UBUNTU-CVE-2025-40015

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...

CVE-2025-40015

In CVE-2025-40015, the Linux kernel vulnerability is in the media: stm32-csi driver. The issue arises in stm32_csi_start where csidev->s_subdev is dereferenced while assigning to src_pad before a NULL check, creating a potential NULL dereference. The fix moves the dereference after the NULL ch...

CVE-2025-40013 ASoC: qcom: audioreach: fix potential null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreachwidgetloadmodulecommon could return NULL or an error pointer. Add missing NULL check so that we do not...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

scsi: mvsas: Fix use-after-free bugs in mvs_work_queue

...

EUVD-2025-34895

OpenBao has potential Denial of Service vulnerability when processing malicious unauthenticated JSON requests...