SUSE SLES12 Security Update : shim (SUSE-SU-2026:1414-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1414-1 advisory. shim is updated to version 16.1: - shimstartimage: fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test...

CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

SUSE SLES16 Security Update : grub2 (SUSE-SU-2025:21212-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21212-1 advisory. Changes in grub2: - CVE-2025-54771: Fixed grubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-54770:...

EUVD-2023-60119

In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: fix null pointer deref with partial DT config When some of the da9063 regulators do not have corresponding DT nodes a null pointer dereference occurs on boot because such regulators have no initdata causing the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...

DEBIAN-CVE-2025-38407

In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...

CVE-2025-38407

In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...

CVE-2025-38407 riscv: cpu_ops_sbi: Use static array for boot_data

In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...

Security update for xen

This update for xen fixes the following issues: Update to Xen 4.18.5: Security fixes: CVE-2024-28956: Fixed Intel CPU Indirect Target Selection ITS bsc1243117 Other fixes: Fixed boot failing with XEN kernel on DL580 Gen12 bsc1242490 Added missing upstream bug fixes bsc1027519 Special Instructions...

PT-2025-20498

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock issue in the Linux kernel has been resolved. The problem occurred in the ivpu ms cleanup function, which is called by ivpu ms cleanup all during a cold boot after a failure in...

CVE-2024-50108 drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING 1 traces when calling...

OPENSUSE-SU-2021:0462-1 Security update for grub2

This update for grub2 fixes the following issues: grub2 implements the new 'SBAT' method for SHIM based secure boot revocation. bsc1182057 - CVE-2020-25632: Fixed a use-after-free in rmmod command bsc1176711 - CVE-2020-25647: Fixed an out-of-bound write in grubusbdeviceinitialize bsc1177883 -...

Updated xen packages fix security vulnerability

- Updated from 4.12.0 to 4.12.1 - Device quarantine for alternate pci assignment methods XSA-306 - x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 - TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 - VCPUOPinitialise DoS XSA-296, CVE-2019-18420...

January 17, 2018—KB4057142 (OS Build 14393.2034)

January 17, 2018—KB4057142 OS Build 14393.2034 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue where some customers on a small subset of older AMD processors get into an...

SUSE-SU-2017:3114-1 Recommended update for tboot

This update for tboot provides the following fix: Security issue fixed: - CVE-2014-5118: tboot: bypass of measured boot bsc889339 Bug fixes: - Fixed failed trusted boot on some systems like Intel Xeon 'Purley 8s' processors. The following error message showed: 'TBOOT: wait-for-sipi loop timed-out...

SUSE-SU-2017:2420-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function allocheappages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen XSA-231, bsc1056278 - CVE-2017-14318: The function...