UBUNTU-CVE-2025-68314

In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...

UBUNTU-CVE-2025-68305

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

CVE-2025-68314 drm/msm: make sure last_fence is always updated

In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...

CVE-2025-68314

The CVE-2025-68314 entry concerns the Linux kernel component drm/msm. The vulnerability stems from last_fence not being updated in the vm-bind path, causing last_fence to not be waited on at context close for certain contexts, which can lead to faults as resources are freed while still in use. A ...

CVE-2025-68314 drm/msm: make sure last_fence is always updated

In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...

CVE-2025-68305 Bluetooth: hci_sock: Prevent race in socket write iter and sock bind

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

CVE-2025-68305

CVE-2025-68305 is in the Linux kernel Bluetooth subsystem. It describes a race between sock bind and the Mgmt socket write path (mgmt_pending) that could lead to a use-after-free when a command is freed before a write iter completes. The root cause is a race between sock bind and socket write ite...

CVE-2025-68305 Bluetooth: hci_sock: Prevent race in socket write iter and sock bind

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

CVE-2025-68241 ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe

In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmission path calls: sittunnelxmit - updateorcreatefnhe, which lead to fnheremoveoldest being called to delete entries exceeding...

Security Bulletin: Vulnerability in BIND affects IBM Netezza Appliance

Summary The BIND package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-8677, CVE-2025-40780, CVE-2025-40778 Vulnerability Details CVEID:CVE-2025-8677 DESCRIPTION: Querying for records within a specially crafted zone containing certain malforme...

PT-2025-51709

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a race condition within the Bluetooth implementation, specifically in the interaction between socket binding and socket write iteration. This condition can lead...

PT-2025-51726

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/msm subsystem related to the handling of last fence. The issue occurs because last fence is not consistently updated, specifically in vm-bind...

Linux Distros Unpatched Vulnerability : CVE-2025-68305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free t...

Unity Linux 20.1060a / 20.1070a Security Update: bind (UTSA-2025-991236)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991236 advisory. Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects...

OESA-2025-2843 dhcp security update

The Dynamic Host Configuration Protocol DHCP is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...

OESA-2025-2842 dhcp security update

The Dynamic Host Configuration Protocol DHCP is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...

OESA-2025-2820 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would...

SUSE CVE-2002-1219

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records RR...

SUSE CVE-2002-1221

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service crash via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference...

SUSE CVE-2025-13357

Vault's Terraform Provider incorrectly set the default denynullbind parameter for the LDAP auth method to false by default, potentially resulting in an insecure configuration. If the underlying LDAP server allowed anonymous or unauthenticated binds, this could result in authentication bypass. Thi...