SUSE-SU-2025:4239-1 Security update for the Linux Kernel (Live Patch 39 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.161 fixes various security issues The following security issues were fixed: - CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. - CVE-2024-53141: netfilter: ipset: add missing range che...

Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.150 fixes various security issues The following security issues were fixed: CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. CVE-2024-53141: netfilter: ipset: add missing range check i...

RLSA-2025:21968 Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: GIMP DCM...

SUSE-SU-2025:4215-1 Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.144 fixes various security issues The following security issues were fixed: - CVE-2023-53673: Bluetooth: hcievent: call disconnect callback before deleting conn bsc1251983. - CVE-2024-53141: netfilter: ipset: add missing range che...

gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability

A remote code execution vulnerability exists in GIMP due to improper validation of user-supplied data during the parsing of WBMP Wireless Bitmap files. The flaw occurs because an integer overflow can happen before memory allocation, leading to a heap-based buffer overflow. An attacker can exploit...

Security update for the Linux Kernel (Live Patch 62 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.234 fixes one security issue The following security issue was fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. Patch Instructions: To install this SUSE update use the SUSE recommended...

Ubuntu: Security Advisory (USN-7876-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue The following security issue was fixed: CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:4170-1 Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue The following security issue was fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778...

SUSE-SU-2025:4161-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.17 fixes various security issues The following security issues were fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...

USN-7876-1: ImageMagick vulnerability

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803...

USN-7876-1 imagemagick vulnerabilities

It was discovered that ImageMagick did not properly handle memory when encoding BMP images. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue exists due to an incomplete fix for CVE-2025-57803...

Researchers Detail Tuoni C2's Role in an Attempted 2025 Real-Estate Cyber Intrusion

Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control C2 and red teaming framework known as Tuoni. "The campaign leveraged the emerging Tuoni C2 framework, a relatively new,...

Mozilla Firefox ESR < 52.0.1

The version of Firefox ESR installed on the remote Windows host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability disables...

Mozilla Firefox < 52.0.1

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability...

Mozilla Firefox ESR < 52.0.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.0.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2017-08 advisory. - An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerabilit...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-45025)

bitmap corruption on closerange with CLOSERANGEUNSHARE copyfdbitmaps. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504655; scriptversion"1.3";...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21712)

md/md-bitmap: vulnerability caused by bitmapgetstats can be called even if the bitmap is destroyed or not fully initialized, leading to a kernel crash, which is fixed by synchronizing bitmapgetstats with bitmapinfo.mutex. This plugin only works with Tenable.ot. Please visit...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990828)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990828 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: Avoid excessive partition lengths Avoid mounting filesystems where the partition would...

kernel: powerpc/xive/spapr: correct bitmap allocation size

In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct bitmap allocation size kasan detects access beyond the end of the xibm-bitmap allocation: BUG: KASAN: slab-out-of-bounds in findfirstzerobit+0x40/0x140 Read of size 8 at addr c00000001d1d0118 by task...