
9 matches found

SUSE CVE
added 2025/12/25 12:56 a.m. | 1 view

SUSE CVE-2023-54045

In the Linux kernel, the following vulnerability has been resolved: audit: fix possible soft lockup in __audit_inode_child Tracefs or debugfs maybe cause hundreds to thousands of PATH records, too many PATH records maybe cause soft lockup. For example: 1. CONFIG_KASAN=y && CONFIG_PREEMPTION=n 2. auditc...

CVSS 5.5 | AI score 6.5 | EPSS 0.00061
Exploits: 0 | References: 22

SUSE CVE
added 2025/09/19 11:24 p.m. | 2 views

SUSE CVE-2025-39840

In the Linux kernel, the following vulnerability has been resolved: audit: fix out-of-bounds read in audit_compare_dname_path When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...

CVSS 5.5 | AI score 6.6 | EPSS 0.00021
Exploits: 0 | References: 5

OSV
added 2025/09/19 4:15 p.m. | 0 views

UBUNTU-CVE-2025-39840

In the Linux kernel, the following vulnerability has been resolved: audit: fix out-of-bounds read in audit_compare_dname_path When a watch on dir=/ is combined with an fsnotify event for a single-character name directly under / e.g., creating /a, an out-of-bounds read can occur in...

CVSS 7.1 | AI score 5.8 | EPSS 0.00021
Exploits: 0 | References: 5

Positive Technologies
added 2025/09/19 12:0 a.m. | 3 views

PT-2025-38547

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description An out-of-bounds read issue exists in the audit compare dname path function within the Linux kernel. This occurs when a watch is set on the root directory dir=/, combined with a file...

AI score 6.5 | EPSS 0.00021
Exploits: 0 | References: 5

OSV
added 2024/10/22 6:17 p.m. | 2 views

GHSA-M4GQ-X24J-JPMF Prototype pollution vulnerability found in Mermaid's bundled version of DOMPurify

The following bundled files within the Mermaid NPM package contain a bundled version of DOMPurify that is vulnerable to https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674, potentially resulting in an XSS attack. This affects the built: - dist/mermaid.min.js -...

CVSS 7 | AI score 5.9
Exploits: 0 | References: 5

Cvelist
added 2024/07/16 11:44 a.m. | 23 views

CVE-2022-48832 audit: don't deref the syscall args when checking the openat2 open_how::flags

In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 open_how::flags As reported by Jeff, dereferencing the openat2 syscall argument in audit_match_perm to obtain the open_how::flags can result in an oops/page-fault. This...

EPSS 0.00031
Exploits: 0 | References: 2

Cvelist
added 2024/07/12 12:37 p.m. | 22 views

CVE-2024-41001 io_uring/sqpoll: work around a potential audit memory leak

In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: work around a potential audit memory leak kmemleak complains that there's a memory leak related to connect handling: unreferenced object 0xffff0001093bdf00 size 128: comm "iou-sqp-455", pid 457, jiffies 4294894164...

EPSS 0.00038
Exploits: 0 | References: 4

OSV
added 2022/11/21 11:55 p.m. | 27 views

GHSA-R7QP-CFHV-P84W Uncaught exception in engine.io

Impact A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. events.js:292 throw er; // Unhandled 'error' event ^ Error: read ECONNRESET at TCP.onStreamRead internal/stream_base_commons.js:209:20 Emitted 'error' event on Socket...

CVSS 6.5 | AI score 6.5 | EPSS 0.02169
Exploits: 1 | References: 5

Oracle linux
added 2009/05/01 12:0 a.m. | 63 views

kernel security and bug fix update

2.6.9-78.0.22.0.1.EL - xen fix for hung JVM thread after GPF orabug 7916406 Chuck Anderson - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mt...

CVSS 4 | AI score 0.1 | EPSS 0.00254
Exploits: 3