EUVD-2025-55683

Malicious code in binding-peach-guineafowl npm...

EUVD-2025-55681

Malicious code in binding-white-dinosaur npm...

EUVD-2025-55685

Malicious code in binding-coral-alpaca npm...

SUSE SLES15 Security Update : kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2025:4040-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4040-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.170 fixes various security issues The following security issues were fixed: ...

SUSE-SU-2025:4040-1 Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.170 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2024-53164: net: sched: fix ordering of qlen adjustment...

MAL-2025-60017 Malicious code in binding_elephant_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d99052f24ceba7cce74ab452d134ae5f5bfbd9c877bc5834924404fb148fd32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

SUSE-SU-2025:4036-1 Security update for the Linux Kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.136 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2024-53164: net: sched: fix ordering of qlen adjustment...

Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.234 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier...

SUSE-SU-2025:4024-1 Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier...

SUSE-SU-2025:4016-1 Security update for the Linux Kernel (Live Patch 49 for SUSE Linux Enterprise 15 SP3)

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.179 fixes various security issues The following security issues were fixed: - CVE-2022-50248: wifi: iwlwifi: mvm: fix double free on tx path bsc1249841. - CVE-2022-50252: igb: Do not free qvector unless new one was allocated...

SUSE-SU-2025:4031-1 Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.110 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2024-53164: net: sched: fix ordering of qlen adjustment...

SUSE-SU-2025:4001-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700533 fixes several issues. The following security issues were fixed: - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. - CVE-2025-38511: drm/xe/pf: Clear all LMTT pages on alloc bsc1248176. - CVE-2025-38617:...

Cryptographic Binding Should Not Be Optional: A Formal-Methods Analysis of FIDO UAF Channel Binding

As a case study in cryptographic binding, we present a formal-methods analysis of the cryptographic channel binding mechanisms in the Fast IDentity Online FIDO Universal Authentication Framework UAF authentication protocol, which seeks to reduce the use of traditional passwords in favor of...

Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...

SUSE-SU-2025:4000-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. - CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208. -...

SUSE-SU-2025:3995-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700536 fixes several issues. The following security issues were fixed: - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. - CVE-2025-38511: drm/xe/pf: Clear all LMTT pages on alloc bsc1248176. - CVE-2025-38617:...

Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-1507005311 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY bsc1249207. Patch Instructions: To...

SUSE SLES15 Security Update : kernel (Live Patch 9 for SLE 15 SP6) (SUSE-SU-2025:3936-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3936-1 advisory. This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: - CVE-2025-38664: ice: Fix a...

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002360 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208...

SUSE-SU-2025:3983-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002360 fixes several issues. The following security issues were fixed: - CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. - CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier bsc1249208. -...