OESA-2025-1265 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of...

bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog

...

The vulnerability of microprogramming software in embedded Qualcomm chips, related to unverified array indexing, allows a hacker to execute arbitrary code, cause system failures, or gain unauthorized access to protected information.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to unverified array indexing. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code, cause service failures, or gain unauthorized access to protected information...

MAL-2025-2307 Malicious code in empty-array-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2296 Malicious code in array-empty-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9923e27ee77980880cfc13a3c78c4903c58bed58f9257ac0407d57841fcc7853 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in array-empty-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9923e27ee77980880cfc13a3c78c4903c58bed58f9257ac0407d57841fcc7853 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in empty-array-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

openjdk: Enhance array handling (Oracle CPU 2025-01)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56595)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56595 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: add a check to prevent array-...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56598)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56598 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in...

Linux Distros Unpatched Vulnerability : CVE-2023-52799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: fix array-index-out-of-bounds in dbFindLeaf Currently while searching for dmtreet for sufficient free blocks there is an array out of bounds while getting...

Azure Linux 3.0 Security Update: kernel (CVE-2024-53156)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53156 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for...

jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree

...

jfs: fix array-index-out-of-bounds in jfs_readdir

...

jfs: array-index-out-of-bounds fix in dtReadFirst

...

SUSE CVE-2024-58083

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

UBUNTU-CVE-2024-58083

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

Linux Distros Unpatched Vulnerability : CVE-2025-21680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in getimixentries Passing a sufficient amount of imix...

Linux Distros Unpatched Vulnerability : CVE-2024-56598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of...

Linux Distros Unpatched Vulnerability : CVE-2024-49930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX...