SUSE-SU-2026:0306-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...

SUSE-SU-2026:0304-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...

Security update for xen

This update for xen fixes the following issues: Security fixes: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 CVE-2025-58149: Fixed incorrect removal od permissions on PCI device...

SUSE-SU-2026:0303-1 Security update for xen

This update for xen fixes the following issues: Security fixes: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 - CVE-2025-58149: Fixed incorrect removal od permissions on PCI...

CVE-2025-69419

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

CVE-2026-1484

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...

CLSA-2026-1769424492 gpsd-minimal: Fix of 2 CVEs

CVE-2025-67268: fix heap-based buffer overrun in NMEA2000 GNSS satellite handling - CVE-2025-67269: fix integer underflow in NAVCOM packet parsing to prevent excessive payload length and CPU-exhaustion...

[SECURITY] [DLA 4454-1] libuev security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4454-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 25, 2026 https://wiki.debian.org/LTS -...

Debian dla-4454 : libuev-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4454 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4454-1 [email protected] https://www.debian.org/lts/security/...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38068)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38068 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer...

Azure Linux 3.0 Security Update: kernel (CVE-2024-41038)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41038 advisory. - In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Prevent buffer overrun...

CLSA-2026-1768110920 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...

MiracleLinux 9 : dotnet7.0-7.0.119-1.el9_4.ML.1 (AXSA:2024-8152:10)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8152:10 advisory. dotnet: stack buffer overrun in Double Parse CVE-2024-30045 dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop...

MiracleLinux 8 : postgresql:9.6 (AXSA:2021-2310:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2310:01 advisory. postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memory disclosure in INSERT ... ON...

MiracleLinux 8 : systemd-239-68.el8.1 (AXSA:2023-4775:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4775:02 advisory. systemd: buffer overrun in formattimespan function CVE-2022-3821 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 9 : postgresql:15 (AXSA:2024-7330:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7330:01 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

ROS-20260120-7324

A vulnerability in the iwlparsetlvfirmware function drivers/net/wireless/intel/iwlwifi/iwl-drv.c of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploiting the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 9 : systemd-250-12.el9.1 (AXSA:2023-4873:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4873:04 advisory. systemd: buffer overrun in formattimespan function CVE-2022-3821 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 9 : postgresql-13.13-1.el9_3 (AXSA:2023-7047:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7047:07 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

ROS-20260120-7306

A vulnerability in the gtp component of the Linux operating system kernel is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...