EUVD-2025-12975

Malicious code in bioql PyPI...

CVE-2025-23152

CVE-2025-23152 affects the Linux kernel on arm64, where the bug was in arm64/crc-t10dif: out-of-scope array usage in crc_t10dif_arch(). A fix was applied in the kernel, described as correcting an array used outside its scope. Connected advisories/patch references include kernel commits (stable) a...

CVE-2025-23152 arm64/crc-t10dif: fix use of out-of-scope array in crc_t10dif_arch()

In the Linux kernel, the following vulnerability has been resolved: arm64/crc-t10dif: fix use of out-of-scope array in crct10difarch Fix a silly bug where an array was used outside of its scope...

kernel security update

4.18.0-553.46.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

CVE-2025-21794 HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix stack-out-of-bounds read in usbcheckintendpoints Syzbot1 has detected a stack-out-of-bounds read of the epaddr array from hid-thrustmaster driver. This array is passed to usbcheckintendpoints function...

CVE-2022-49551 usb: isp1760: Fix out-of-bounds array access

In the Linux kernel, the following vulnerability has been resolved: usb: isp1760: Fix out-of-bounds array access Running the driver through kasan gives an interesting splat: BUG: KASAN: global-out-of-bounds in isp1760register+0x180/0x70c Read of size 20 at addr f1db2e64 by task swapper/0/1...

CVE-2022-49551

The CVE-2022-49551 issue in the Linux kernel relates to usb: isp1760, where a loop over HC_FIELD_MAX reads regmap fields causing a global out-of-bounds access. The dynamically sized arrays isp1760_hc_reg_fields[], isp1763_hc_reg_fields[], isp1763_hc_volatile_ranges[], and isp1763_dc_volatile_rang...

CVE-2021-47649 udmabuf: validate ubuf->pagecount

In the Linux kernel, the following vulnerability has been resolved: udmabuf: validate ubuf-pagecount Syzbot has reported GPF in sgallocappendtablefrompages. The problem was in ubuf-pages == ZEROPTR. ubuf-pagecount is calculated from arguments passed from user-space. If user creates udmabuf with...

CVE-2024-57929 dm array: fix releasing a faulty array block twice in dm_array_cursor_end

In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dmarraycursorend When dmbmreadlock fails due to locking or checksum errors, it releases the faulty block implicitly while leaving an invalid output pointer behind. The caller ...

FreeBSD : firefox -- Dangling pointer crash regression from plugin parameter array fix (c2eac2b5-9a7d-11df-8e32-000f20797ede)

The Mozilla Project reports : MFSA 2010-48 Dangling pointer crash regression from plugin parameter array fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques...