
11029 matches found

AlmaLinux
added 2025/03/26 12:0 a.m., 12 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

7.8 CVSS, 7.2 AI score, 0.00015 EPSS
Exploits: 0, References: 4
Oracle linux
added 2025/03/26 12:0 a.m., 82 views

kernel security update

4.18.0-553.46.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

7.8 CVSS, 7.4 AI score, 0.00015 EPSS
Exploits: 0
OSV
added 2025/03/26 12:0 a.m., 19 views

ALSA-2025:3260 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

7.8 CVSS, 7.1 AI score, 0.00015 EPSS
Exploits: 0, References: 4
SUSE CVE
added 2025/03/25 4:1 p.m., 1 views

SUSE CVE-2025-2722

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "the call is invalid because pnparam is an input-output parameter indicating how big ...

7.2 AI score
Exploits: 0, References: 3
RedHat Linux
added 2025/03/25 12:9 a.m., 13 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

7.8 CVSS, 6.8 AI score, 0.00015 EPSS
Exploits: 0, References: 2
BDU FSTEC
added 2025/03/24 12:0 a.m., 2 views

The vulnerability of the cm3_helper_translate_curve_to_degamma_hw_format() function in the drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c file of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cm3_helper_translate_curve_to_degamma_hw_format() function in the drivers/gpu/drm/amd/display/dc/dcn30/dcn30_cm_common.c file of the Linux kernel is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8 CVSS, 7.2 AI score, 0.00014 EPSS
Exploits: 0, References: 25, Affected Software: 6
SUSE CVE
added 2025/03/22 2:13 p.m., 2 views

SUSE CVE-2025-2574

Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code...

2.1 CVSS, 7.3 AI score, 0.00046 EPSS
Exploits: 0, References: 3
Cvelist
added 2025/03/20 9:7 p.m., 13 views

CVE-2025-2574 Out-of-bounds array write in Xpdf 4.05 due to incorrect integer overflow checking

Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code...

2.1 CVSS, 0.00046 EPSS
Exploits: 0, References: 1
AlpineLinux
added 2025/03/20 9:7 p.m., 1 views

CVE-2025-2574

Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code...

2.1 CVSS, 7.5 AI score, 0.00046 EPSS
Exploits: 0, References: 1
Debian CVE
added 2025/03/20 9:7 p.m., 5 views

CVE-2025-2574

Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code...

2.1 CVSS, 4.6 AI score, 0.00046 EPSS
Exploits: 0
NVD
added 2025/03/20 10:15 a.m., 8 views

CVE-2025-0313

Rejected reason: REJECT DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-12055. Notes: All CVE users should reference CVE-2024-12055 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage...

Exploits: 0
Cvelist
added 2025/03/20 10:11 a.m., 11 views

CVE-2025-0313

...

Exploits: 0
Vulnrichment
added 2025/03/20 10:11 a.m., 5 views

CVE-2025-0313

...

7.6 AI score
Exploits: 0
Veracode
added 2025/03/20 9:27 a.m., 7 views

Improper Validation Of Array Index

github.com/onosproject/onos-lib-go is vulnerable to Improper Validation of Array Index. The vulnerability is due to an index out-of-range error in the GetBitString function. An attacker can cause a denial of service by sending crafted input that specifies a zero value for numBits...

6.2 CVSS, 6.6 AI score, 0.00043 EPSS
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2025/03/19 3:48 p.m., 1 views

GHSA-GM45-Q3V2-6CF8 Fast-JWT Improperly Validates iss Claims

Summary: The fast-jwt library does not properly validate the iss claim based on the RFC https://datatracker.ietf.org/doc/html/rfc7519#page-9. Details: The iss (issuer) claim validation within the fast-jwt library permits an array of strings as a valid iss value. This design flaw enables a potential...

6.5 CVSS, 6.1 AI score, 0.02126 EPSS
Exploits: 0, References: 5
OSV
added 2025/03/18 5:32 p.m., 2 views

CLSA-2025-1742319123 java-11-openjdk: Fix of 11 CVEs

Upgrade to openjdk-11.0.26+4. The following CVEs were fixed: - CVE-2024-21131: potential UTF8 size overflow - CVE-2024-21138: excessive symbol length can lead to infinite loop - CVE-2024-21140: range Check Elimination RCE pre-loop limit overflow - CVE-2024-21144: Pack200 increase loading time due...

7.4 CVSS, 6.7 AI score, 0.00977 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2025/03/18 12:0 a.m., 2 views

PT-2025-20508

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, specifically an array overflow in the st setup function. The issue was addressed by changing the array size to follow the parms siz...

5.5 CVSS, 6.8 AI score, 0.00049 EPSS
Exploits: 0
Snyk
added 2025/03/16 3:48 a.m., 2 views

Improper Validation of Array Index

Overview: Affected versions of this package are vulnerable to Improper Validation of Array Index due to an index out-of-range error in the GetBitString function. An attacker can cause a denial of service by sending crafted input that specifies a zero value for numBits. PoC: golang package main impo...

6.9 CVSS, 7 AI score, 0.00043 EPSS
Exploits: 0, References: 2
OSV
added 2025/03/14 3:43 p.m., 4 views

OESA-2025-1268 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of...

9.8 CVSS, 9.8 AI score, 0.53858 EPSS
Exploits: 39, References: 188
OSV
added 2025/03/14 3:40 p.m., 5 views

OESA-2025-1265 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: When loading a script with Subresource Integrity, attackers with an injection capability could trigger the reuse of...

9.8 CVSS, 9.8 AI score, 0.53858 EPSS
Exploits: 39, References: 188