1000 matches found
MiracleLinux 9 : java-21-openjdk-21.0.8.0.9-1.el9.ML.1 (AXSA:2025-10689:14)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10689:14 advisory. JDK: Better Glyph drawing (CVE-2025-30749); JDK: Enhance TLS protocol support (CVE-2025-30754); JDK: Improve HTTP client header handling (CVE-2025-50059)...
CVE-2022-31285
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h...
CVE-2022-31146
Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime's code generator, Cranelift, where functions using reference types may be incorrectly missing metadata required for runtime garbage collection. This means that if a GC happens at runtime then the GC pass will...
PT-2026-5528
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.18.0-rc5-00127-ga06157804399. Description: The Linux kernel contains a flaw in the mm/page_alloc subsystem that can lead to corruption of the per-cpu pages (pcp) structure when SMP (Symmetric Multi-Processing) is...
PT-2026-26047
In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvme_pr_read_keys(). nvme_pr_read_keys() takes num_keys from userspace and uses it to calculate the allocation size for rse via struct_size(). The upper limit is PR_KEYS_MAX (64K). A malicious or buggy...
UBUNTU-CVE-2023-54206
In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization. The cited commit moved idr initialization too early in fl_change(), which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...
CVE-2023-54206
CVE-2023-54206 affects the Linux kernel net/sched flower filter initialization. The root cause is a race where idr initialization was moved too early in fl_change(), allowing concurrent access to a filter still being initialized, risking a NULL pointer dereference. The published mitigations descr...
CVE-2023-54165
In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zs_map_object() to zs_malloc(). Under memory pressure, we sometimes observe the following crash: [ 5694.832838] ------------[ cut here ]------------ [ 5694.842093] list_del corruption, ffff888014b6a448->next is...
PT-2025-54023
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel experienced an issue where memory allocation failed for the exFAT file system due to system memory fragmentation. This occurred when using kmalloc_array and kfree,...
SUSE CVE-2023-54127
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount(). Syzkaller reported the following issue: ================================================================== BUG: KASAN: double-free in slab_free mm/slub.c:3787 [inline]...
CVE-2023-54062
In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4_xattr_move_to_block(). In ext4_xattr_move_to_block(), the value of the extended attribute which we need to move to an external block may be allocated by kvmalloc() if the value is stored in an external...
CVE-2023-54147
In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc. Add the check for the return value of the ida_alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in orde...
kernel: mm: slub: avoid wake up kswapd in set_track_prepare
A deadlock (lock recursion) vulnerability exists in the Linux kernel: when CONFIG_DEBUG_OBJECTS_TIMERS is set, the kernel may wake up kswapd in set_track_prepare and try to hold the per-CPU hrtimer_bases lock...
SUSE-SU-2025:4489-1 Security update for netty
This update for netty fixes the following issues: Update to upstream version 4.1.130. Security issues fixed: - CVE-2025-67735: lack of URI sanitization in HttpRequestEncoder allows for CRLF injection through a request URI and can lead to request smuggling (bsc#1255048). Other updates and bugfixes: -...
CVE-2025-68199
In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext. When alloc_slab_obj_exts fails and then later succeeds in allocating a slab extension vector, it calls handle_failed_objexts_alloc to mark all objects in t...
CVE-2025-40348
In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts. If two competing threads enter alloc_slab_obj_exts and one of them fails to allocate the object extension vector, it might override the valid slab->obj_exts allocated by the other...
CVE-2025-68199
The CVE-2025-68199 entry concerns the Linux kernel, where an issue in the slab allocator (mm/slub.c) arises when free_slab_obj_exts() encounters slabobj_exts already set to CODETAG_EMPTY instead of NULL. The root cause is that, after a failed then later successful alloc_slab_obj_exts(), o...
CVE-2025-68199 codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext
In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext. When alloc_slab_obj_exts fails and then later succeeds in allocating a slab extension vector, it calls handle_failed_objexts_alloc to mark all objects in t...