CVE-2025-39813 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-39813 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-39766 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-39766 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-39685 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-39685 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-38666 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-38666 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-39706 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-39706 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-39702 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-39702 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-39759 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-39759 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-50448

In the Linux kernel, the following vulnerability has been resolved: mm/uffd: fix warning without PTEMARKERUFFDWP compiled in When PTEMARKERUFFDWP not configured, it's still possible to reach pte marker code and trigger an warning. Add a few CONFIGPTEMARKERUFFDWP ifdefs to make sure the code won't...

CVE-2023-53522

In the Linux kernel, the following vulnerability has been resolved: cgroup,freezer: hold cpuhotpluglock before freezermutex syzbot is reporting circular locking dependency between cpuhotpluglock and freezermutex, for commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" replaced atomici...

CVE-2025-39928

In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: ensure data length is within supported range Add an explicit check for the xfer length to 'rtl9300i2cconfigxfer' to ensure the data length isn't within the supported range. In particular a data length of 0 is not...

CVE-2025-39925

In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...

CVE-2025-39922

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix incorrect map used in eee linkmode incorrectly used ixgbelpmap in loops intended to populate the supported and advertised EEE linkmode bitmaps based on ixgbelsmap. This results in incorrect bit setting and potential...

CVE-2025-39915

In the Linux kernel, the following vulnerability has been resolved: net: phy: transfer phyconfiginband locking responsibility to phylink Problem description =================== Lockdep reports a possible circular locking dependency AB/BA between &pl-statemutex and &phy-lock, as follows...

CVE-2025-39913

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork. syzbot reported the splat below. 0 The repro does the following: 1. Load a skmsg prog that calls bpfmsgcorkbytesmsg, corkbytes 2. Attach the prog to a...

CVE-2025-46205

A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service DoS by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue...

CVE-2025-8869 vulnerabilities

Vulnerabilities for packages: reflex, mlflow, py3-virtualenv, py3-pip-wheel-bootstrap, py3-pip...

CVE-2025-7493

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA...

CVE-2025-11153

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox 143.0.3...

CVE-2025-11083

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public an...

CVE-2025-10997

A flaw has been found in Open Babel up to 3.1.1. Impacted is the function ChemKinFormat::CheckSpecies of the file /src/formats/chemkinformat.cpp. Executing manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used...