SUSE-SU-2026:2009-1 Security update for haveged

This update for haveged fixes the following issue - CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: - Improvements on the linux kernel random subsystem have made move forward to socket communication within private network - Fix 'sto...

Security update for haveged

This update for haveged fixes the following issue CVE-2026-41054: missing exit out of permission check could lead to root exploit bsc1264086. Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...

A week in security (February 17 – February 23)

Last week on Malwarebytes Labs: Healthcare security lapses keep piling up SecTopRAT bundled in Chrome installer distributed via Google Ads Google Docs used by infostealer ACRStealer as part of attack DeepSeek found to be sharing user data with TikTok parent company ByteDance Malwarebytes introduc...

Malwarebytes introduces native ARM support for Windows devices

For the last four years, Malwarebytes has been protecting ARM-based machines running on Apple’s M-series processors. Now, we’ve expanded our protection range to include ARM-based Windows machines such as Copilot+ PCs, including Microsoft Surface Pro, Lenovo Yoga Slim and ThinkPad, and Dell...

Moderate: Red Hat Security Advisory: ACS 4.6 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security RHACS. The updated image includes new features and bug fixes. This release of RHACS 4.6 provides these new features: Support for ARM architecture in secured clusters Technology Preview Certifications for Red Hat Advanced Clust...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

MAL-2022-1110 Malicious code in arm-support (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c5251d9a317bb8a4f1dc8f065032c37e30e3b3e4f42ba6d4b9b9becd38d519 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in arm-support (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c5251d9a317bb8a4f1dc8f065032c37e30e3b3e4f42ba6d4b9b9becd38d519 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1293 Malicious code in azure-arm-support-samples-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d95c1fb63446240c3b714ac0be6c40ccc9893a87cf6d5a99dda5650cb5dd7026 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

openSUSE: Security Advisory for spectre-meltdown-checker (openSUSE-SU-2021:2861-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:2861-1 Security update for spectre-meltdown-checker

This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 bsc1189477 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression 370 - enh: arm: add experimental support for binary arm images - enh: rs...

grant table v2 status pages may remain accessible after de-allocation

ISSUE DESCRIPTION Guest get permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, get de-allocated when a guest switched back from v2 to v1. The freeing of such...

spice and spice-gtk security update

spice 0.14.0-9.0.2.el79.1 - Add ARM support 0.14.0-9.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355 spice-gtk 0.35-5.1 - Fix multiple buffer overflows in QUIC decoding code Resolves: CVE-2020-14355...

OPENSUSE-SU-2020:1433-1 Security update for docker-distribution

This update for docker-distribution fixes the following issues: - Enable build on %arm which include armv6, not only on armv7 - Enable ppc64le - Use correct URL to project - Remove fillup, we don't ship a sysconfig file - Correct systemd requires - Enable build on ARM - Upgraded to 2.7.1 - Suppor...

spice security update

0.14.0-6.0.2.1 - Add ARM support 0.14.0-6.1 - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813...

spice and spice-gtk security update

spice 0.14.0-2.0.2 - add arm suppport 0.14.0-2.5 - Fix flexible array buffer overflow Resolves: rhbz1596008 spice-gtk 0.34-3.2 - Fix flexible array buffer overflow Resolves: rhbz1596008...