Lucene search
2504 matches found

Fedora
added 2025/04/21 1:41 a.m., 7 views

[SECURITY] Fedora 40 Update: rust-zerovec-0.10.4-4.fc40

Zero-copy vector backed by a byte array...

7.3 AI score
Exploits 0

UbuntuCve
added 2025/04/21 1:15 a.m., 8 views

CVE-2025-43972

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context...

7.5 CVSS, 5.9 AI score, 0.00462 EPSS
Exploits 0, References 3

UbuntuCve
added 2025/04/21 12:15 a.m., 10 views

CVE-2025-43962

In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...

9.1 CVSS, 6.6 AI score, 0.00367 EPSS
Exploits 0, References 5

Debian CVE
added 2025/04/21 12:0 a.m., 6 views

CVE-2025-43970

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...

5.3 CVSS, 4.3 AI score, 0.00356 EPSS
Exploits 0

SUSE CVE
added 2025/04/20 11:26 p.m., 3 views

SUSE CVE-2016-2131

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none...

7 AI score
Exploits 0, References 3

UbuntuCve
added 2025/04/20 1:15 a.m., 14 views

CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

7.5 CVSS, 6 AI score, 0.01403 EPSS
Exploits 3, References 3

CBLMariner
added 2025/04/19 3:8 p.m., 7 views

CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1

CVE-2024-34064 affecting package nodejs for versions less than 20.14.0-1. A patched version of the package is available...

5.4 CVSS, 7.3 AI score, 0.00979 EPSS
Exploits 0

Debian CVE
added 2025/04/19 12:0 a.m., 16 views

CVE-2022-47111

7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected...

3.3 CVSS, 4.5 AI score, 0.00199 EPSS
Exploits 1

UbuntuCve
added 2025/04/18 3:15 p.m., 12 views

CVE-2025-37838

In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition. In the ssi_protocol_probe function, &ssi->work is bound with ssip_xmit_work, In ssip_pn_setup, the ssip_pn_xmit function within the ssip_pn_ops...

7.8 CVSS, 6.3 AI score, 0.00181 EPSS
Exploits 0, References 39

UbuntuCve
added 2025/04/18 7:15 a.m., 3 views

CVE-2025-39778

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show. The csts_state_names array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show iterates seven, resulting in a potential out-of-bounds stack...

7.1 CVSS, 6.6 AI score, 0.00206 EPSS
Exploits 0, References 13

Debian CVE
added 2025/04/18 7:1 a.m., 7 views

CVE-2025-39778

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show. The csts_state_names array only has six sparse entries, but the iteration code in nvmet_ctrl_state_show iterates seven, resulting in a potential out-of-bounds stack...

7.1 CVSS, 6.1 AI score, 0.00206 EPSS
Exploits 0

AlpineLinux
added 2025/04/18 12:0 a.m., 10 views

CVE-2025-43903

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries...

4.3 CVSS, 7 AI score, 0.00092 EPSS
Exploits 0, References 1

Fedora
added 2025/04/17 7:3 p.m., 19 views

[SECURITY] Fedora 42 Update: giflib-5.2.2-6.fc42

giflib is a library for reading and writing gif images...

7.3 CVSS, 7.1 AI score, 0.01218 EPSS
Exploits 0

Redos
added 2025/04/17 12:0 a.m., 76 views

ROS-20250417-04

A vulnerability in the numbers.ct file of the libxslt library is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to execute arbitrary code. Vulnerability in libxslt library's xsltGetInheritedNsList function is related to memory usage after...

7.8 CVSS, 7.3 AI score, 0.00324 EPSS
Exploits 4

AlpineLinux
added 2025/04/17 12:0 a.m., 49 views

CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

7.5 CVSS, 7.2 AI score, 0.00527 EPSS
Exploits 1

UbuntuCve
added 2025/04/16 3:16 p.m., 3 views

CVE-2025-22114

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't clobber ret in btrfs_validate_super. Commit 2a9bb78cfd36 "btrfs: validate system chunk array at btrfs_validate_super" introduces a call to validate_sys_chunk_array in btrfs_validate_super, which clobbers the value of ret set...

5.5 CVSS, 5.9 AI score, 0.0014 EPSS
Exploits 0, References 7

UbuntuCve
added 2025/04/16 3:16 p.m., 7 views

CVE-2025-22120

In the Linux kernel, the following vulnerability has been resolved: ext4: goto right label 'out_mmap_sem' in ext4_setattr. Otherwise, if ext4_inode_attach_jinode fails, a hung task will happen because filemap_invalidate_unlock isn't called to unlock mapping->invalidate_lock. Like this: EXT4-fs error device...

5.5 CVSS, 6.3 AI score, 0.00155 EPSS
Exploits 0, References 23

UbuntuCve
added 2025/04/16 3:16 p.m., 6 views

CVE-2025-22095

In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get. If the regulator_bulk_get returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to...

5.5 CVSS, 6.3 AI score, 0.00166 EPSS
Exploits 0, References 25

UbuntuCve
added 2025/04/16 3:16 p.m., 5 views

CVE-2025-22066

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe. devm_kasprintf returns NULL when memory allocation fails. Currently, imx_card_probe does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

5.5 CVSS, 6.4 AI score, 0.00166 EPSS
Exploits 0, References 39

UbuntuCve
added 2025/04/16 3:16 p.m., 7 views

CVE-2025-23136

In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev. Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 "platform/x86: int3472: Check for adev == NULL". Add a check for adev not...

5.5 CVSS, 6.4 AI score, 0.00165 EPSS
Exploits 0, References 49