CLSA-2025-1763991095 Fix of 25 CVEs

Focal update: v5.4.291 upstream stable release LP: 2106002 // CVE-2025-21772 - partitions: mac: fix handling of bogus partition table CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate ltreedepth to avoid out-of-bounds access CVE-url: https://ubuntu.com/security/CVE-2024-58014 ...

EUVD-2017-0776

Malware in sbrugna...

CVE-2025-9900

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...

CLSA-2025-1758009836 Fix of 28 CVEs

Bionic update: upstream stable patchset 2021-06-11 LP: 1931740 // CVE- url: https://ubuntu.com/security/CVE-2021-34981 - Bluetooth: cmtp: fix file refcount when cmtpattachdevice fails CVE-url: https://ubuntu.com/security/CVE-2025-37797 - netsched: hfsc: Fix a UAF vulnerability in class handling...

Linux Distros Unpatched Vulnerability : CVE-2017-0422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This...

CVE-2025-8961

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...

CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...

CVE-2025-8534

A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PSLvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity ...

CVE-2024-13978

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2preadtiffinit of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally...

CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

CVE-2025-8176

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CLSA-2025-1753083094 Fix of 10 CVEs

Focal update: v5.4.292 upstream stable release LP: 2109357 // CVE-url: https://ubuntu.com/security/CVE-2025-37937 - objtool, media: dib8000: Prevent divide-by-zero in dib8000setdds Focal update: v5.4.287 upstream stable release LP: 2095145 // CVE-url: https://ubuntu.com/security/CVE-2024-53197 -...

CVE-2025-22134

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...

CLSA-2025-1736470534 Fix of 32 CVEs

CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmemcacheopen CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit Bionic update: upstream stable patchset 2021-06-23 LP: 1933375 // CVE- url:...

CLSA-2025-1736470237 Fix of 32 CVEs

CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmemcacheopen CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit Bionic update: upstream stable patchset 2021-06-23 LP: 1933375 // CVE- url:...

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CLSA-2024-1733142968 Fix of 13 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64tomsecs - PM / devfreq: Modify the indentation of transstat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in transstatshow Bionic update: upstream...

CVE-2024-49769

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer...

CVE-2024-7866

In Xpdf 4.05 and earlier, a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow...

CVE-2024-7006

A null pointer dereference flaw was found in Libtiff via tifdirinfo.c. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash,...