4224 matches found
SUSE-SU-2026:0328-1 Security update for xen
This update for xen fixes the following issues: Security fixes: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 - CVE-2025-58149: Fixed incorrect removal od permissions on PCI...
CVE-2025-58150 x86: buffer overrun with shadow paging + tracing
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...
CVE-2025-58150 x86: buffer overrun with shadow paging + tracing
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...
CVE-2025-58150
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...
CVE-2025-58150
Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...
AZL-76116 CVE-2025-69419 affecting package edk2 for versions less than 20230301gitf80f052277c8-47
Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...
Security update for xen
This update for xen fixes the following issues: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 Special Instructions and Notes: Please reboot the system after installing this update...
SUSE-SU-2026:0306-1 Security update for xen
This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...
SUSE-SU-2026:0304-1 Security update for xen
This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...
Security update for xen
This update for xen fixes the following issues: Security fixes: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 CVE-2025-58149: Fixed incorrect removal od permissions on PCI device...
SUSE-SU-2026:0303-1 Security update for xen
This update for xen fixes the following issues: Security fixes: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 - CVE-2025-58149: Fixed incorrect removal od permissions on PCI...
CVE-2025-69419
Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...
CVE-2026-1484
A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...
CLSA-2026-1769424492 gpsd-minimal: Fix of 2 CVEs
CVE-2025-67268: fix heap-based buffer overrun in NMEA2000 GNSS satellite handling - CVE-2025-67269: fix integer underflow in NAVCOM packet parsing to prevent excessive payload length and CPU-exhaustion...
[SECURITY] [DLA 4454-1] libuev security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4454-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 25, 2026 https://wiki.debian.org/LTS -...
Debian dla-4454 : libuev-dev - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4454 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4454-1 [email protected] https://www.debian.org/lts/security/...
Azure Linux 3.0 Security Update: kernel (CVE-2024-41038)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41038 advisory. - In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Prevent buffer overrun...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38068)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38068 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer...
CLSA-2026-1768110920 kernel: Fix of 16 CVEs
crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...
ROS-20260120-7333
A vulnerability in the childcfsrqonlist function of the kernel/sched/fair.c module of the Linux kernel is related to buffer overruns in memory as a result of incorrect pointer conversion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...