PT-2026-44279

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongson gpu fixup dma hang The switch case in loongson gpu fixup dma hang may not DC2 or DC3, and readlcrtc reg will access with random address, because the "device" is from "base+PCI DEVICE ID",...

CVE-2026-42338

ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group and Address6.link do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage emitted by the Address6...

ip-address 跨站脚本漏洞

ip-address is a JavaScript library developed by Beau Gunderson, designed for verifying and manipulating IPv4 and IPv6 addresses. Versions prior to 10.1.1 of ip-address had a cross-site scripting vulnerability. This vulnerability stemmed from the Address6.group and Address6.link methods not proper...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

CVE-2025-71270

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38158)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38158 advisory. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address erro...

EUVD-2025-19786

Malicious code in bioql PyPI...

EUVD-2022-54481

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after...

hisi_acc_vfio_pci: fix XQE dma address error

...

firefox: thunderbird: Large branch table could lead to truncated instruction

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...

firefox: thunderbird: Large branch table could lead to truncated instruction

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM brtable instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of th...

CVE-2025-38158

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

CVE-2025-38158 hisi_acc_vfio_pci: fix XQE dma address error

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

CVE-2025-38158 hisi_acc_vfio_pci: fix XQE dma address error

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...

CVE-2025-38158

CVE-2025-38158 affects the Linux kernel (hisi_acc_vfio_pci) and fixes an XQE/AEQE DMA address error observed after migration. The root cause is an incorrect address construction when reading hardware registers, causing wrong DMA addresses for EQE/AEQE and guest kernel‑mode encryption services to ...

CVE-2024-53072 platform/x86/amd/pmc: Detect when STB is not available

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amdpmc module as: amdpmc enablestb=1 ...can result in the following messages in the kernel ring buffer: amdpmc AMDI0009:00: SMU cmd failed. err: 0xff ioremap on R...

kernel: powerpc/kasan: Fix addr error caused by page alignment

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasaninitregion, when kstart is not page aligned, at the begin of for loop, kcur = kstart & PAGEMASK is less than kstart, and then va = block + kcur - kstart is less than...

CLSA-2024-1727352561 kernel: Fix of 19 CVEs

tipc: Return non-zero value from tipcudpaddr2str on error CVE-2024-42284 - dev/parport: fix the array out-of-bounds risk CVE-2024-42301 - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs CVE-2024-42285 - scsi: aacraid: Fix double-free on probe failure CVE-2024-46673 - ipv6: prevent...

Store Configuration by Server Based Discovery Fails

When attempting to configure Receiver Stores by entering in address of StoreFront server in Email/Server Based Discovery dialog, the following error appears: "Your account cannot be added using this server address. Make sure you entered it correctly. You may need to enter your email address...