SUSE-SU-2025:03281-1 Security update for cmake

This update for cmake fixes the following issues: - CVE-2025-9301: Fixed assertion failure due to improper validation bsc1248461...

CVE-2025-10456

A vulnerability was identified in the handling of Bluetooth Low Energy BLE fixed channels such as SMP or ATT. Specifically, an attacker could exploit a flaw that causes the BLE target i.e., the device under attack to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth...

CVE-2025-10456

A vulnerability was identified in the handling of Bluetooth Low Energy BLE fixed channels such as SMP or ATT. Specifically, an attacker could exploit a flaw that causes the BLE target i.e., the device under attack to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth...

Zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS open-sourced by Zephyr. A security vulnerability exists in Zephyr that stems from a flaw in the handling of the Bluetooth Low Energy Fixed Channel, which could lead to undefined behavior, including assertion failure, crashes, or memory...

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: Oracle July 15 2025 CPU bsc1247754. CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications th...

Linux Distros Unpatched Vulnerability : CVE-2025-39831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbnic: Move phylink resume out of servicetask and into open/close The fbnic driver was presenting with the following locking assert coming out of a PM resume:...

SUSE CVE-2025-39831

In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of servicetask and into open/close The fbnic driver was presenting with the following locking assert coming out of a PM resume: 42.208116 T164 RTNL: assertion failed at drivers/net/phy/phylink.c 261...

AZL-67407 CVE-2025-39832 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...

CVE-2025-39831

In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of servicetask and into open/close The fbnic driver was presenting with the following locking assert coming out of a PM resume: 42.208116 T164 RTNL: assertion failed at drivers/net/phy/phylink.c 261...

CVE-2025-39832

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...

DEBIAN-CVE-2025-39832

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...

CVE-2025-39832

CVE-2025-39832 concerns the Linux kernel’s mlx5 driver. The issue is a lockdep assertion triggered during the sync reset unload path, specifically when a sync reset flow is started via the devlink reload fw_activate option. The PF holds the devlink lock while handling the unload event, and the fi...

CVE-2025-39832 net/mlx5: Fix lockdep assertion on sync reset unload event

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...

CVE-2025-39831 fbnic: Move phylink resume out of service_task and into open/close

In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of servicetask and into open/close The fbnic driver was presenting with the following locking assert coming out of a PM resume: 42.208116 T164 RTNL: assertion failed at drivers/net/phy/phylink.c 261...

DEBIAN-CVE-2023-53183

In the Linux kernel, the following vulnerability has been resolved: btrfs: exit gracefully if reloc roots don't match BUG Syzbot reported a crash that an ASSERT got triggered inside preparetomerge. CAUSE The root cause of the triggered ASSERT is we can have a race between quota tree creation and...

CVE-2023-53183

CVE-2023-53183 is rejected/not used and not an active vulnerability entry.

CVE-2023-53183 btrfs: exit gracefully if reloc roots don't match

In the Linux kernel, the following vulnerability has been resolved: btrfs: exit gracefully if reloc roots don't match BUG Syzbot reported a crash that an ASSERT got triggered inside preparetomerge. CAUSE The root cause of the triggered ASSERT is we can have a race between quota tree creation and...

Moderate: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...