Lucene search

3386 matches found

OSV
added 2025/05/20 4:15 p.m. · 3 views

UBUNTU-CVE-2025-37896

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error. For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the write_cache and update_cache operation variants have zero...

CVSS 5.5 · AI score 6.2 · EPSS 0.0014
Exploits 0 · References 11
OSV
added 2025/05/20 3:21 p.m. · 5 views

CVE-2025-37896 spi: spi-mem: Add fix to avoid divide error

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error. For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the write_cache and update_cache operation variants have zero...

CVSS 5.5 · AI score 7.7 · EPSS 0.0014
Exploits 0 · References 5
Cvelist
added 2025/05/20 3:21 p.m. · 11 views

CVE-2025-37896 spi: spi-mem: Add fix to avoid divide error

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error. For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the write_cache and update_cache operation variants have zero...

EPSS 0.0014
Exploits 0 · References 2
Positive Technologies
added 2025/05/20 12:0 a.m. · 7 views

PT-2025-22158 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A divide error issue has been identified in the Linux kernel related to SPI flash memory operations. Specifically, when calculating the duration for SPI memory operations with zero dum...

AI score 6.4 · EPSS 0.0907
Exploits 3 · References 57
OSV
added 2025/05/15 2:15 p.m. · 2 views

ALPINE-CVE-2025-4516

There is an issue in CPython when using bytes.decode("unicode_escape", error="ignore|replace"). If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in ...

CVSS 5.9 · AI score 7 · EPSS 0.00169
Exploits 0 · References 1
OSV
added 2025/05/15 2:15 p.m. · 0 views

UBUNTU-CVE-2025-4516

There is an issue in CPython when using bytes.decode("unicode_escape", error="ignore|replace"). If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in ...

CVSS 5.9 · AI score 6.4 · EPSS 0.00169
Exploits 0 · References 7
CVE
added 2025/05/15 1:29 p.m. · 229 views

CVE-2025-4516

CVE-2025-4516 describes a crash in CPython when using bytes.decode("unicode_escape", error=...) with the specific encoding and error handler. The connected Debian advisory (DLA-4445-1) notes this affects python3.9 and provides upgrade guidance (python3.9 3.9.2-1+deb11u4) with a patched package av...

CVSS 5.9 · AI score 6.6 · EPSS 0.00169
Exploits 0 · References 12
Positive Technologies
added 2025/05/15 12:0 a.m. · 11 views

PT-2025-21282

Name of the Vulnerable Software and Affected Versions: CPython (affected versions not specified). Description: The issue arises when using bytes.decode with the "unicode escape" encoding and an error handler set to "ignore" or "replace". Users not utilizing this specific encoding or error handler ar...

CVSS 9.4 · AI score 7.3 · EPSS 0.01844
Exploits 14 · References 198
RedHat Linux
added 2025/05/13 4:1 p.m. · 5 views

perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes

A flaw was found in Perl. This vulnerability allows a heap buffer overflow, which can lead to denial of service and potential arbitrary code execution on platforms that lack sufficient defenses via specially crafted input to the tr/// transliteration operator containing non-ASCII bytes on the...

CVSS 8.4 · AI score 7.7 · EPSS 0.00473
Exploits 0 · References 7
RedHat Linux
added 2025/05/13 4:1 p.m. · 11 views

Important: Red Hat Security Advisory: perl security update

An update for perl is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 8.4 · AI score 7.3 · EPSS 0.00473
Exploits 0 · References 2
RedHat Linux
added 2025/05/13 1:59 p.m. · 33 views

php: Stream HTTP wrapper truncates redirect location to 1024 bytes

A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size...

CVSS 9.8 · AI score 5.9 · EPSS 0.00744
Exploits 0 · References 5
RedHat Linux
added 2025/05/13 8:28 a.m. · 2 views

kernel: vsock: Update rx_bytes on read_skb()

In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb(). Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after vsock_transport::read_skb(). While here, also inform the peer that we'v...

CVSS 5.5 · AI score 6.7 · EPSS 0.00213
Exploits 0 · References 5
OSV
added 2025/05/13 12:0 a.m. · 5 views

ALSA-2025:7500 Important: perl security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes (CVE-2024-56406). For more details about the...

CVSS 8.4 · AI score 7.2 · EPSS 0.00473
Exploits 0 · References 4
Veracode
added 2025/05/09 3:54 a.m. · 9 views

Address Spoofing

base-x is vulnerable to Address spoofing. The vulnerability is due to improper handling of leading zero bytes during encoding, which allows an attacker to create visually similar addresses and mislead users into sending funds to unintended recipients...

CVSS 8.7 · AI score 6.6 · EPSS 0.00354
Exploits 0 · References 4 · Affected Software 1
OSV
added 2025/05/02 4:15 p.m. · 7 views

DEBIAN-CVE-2023-53108

In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data. iucv_irq_data needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dma-kmalloc-64 Not...

CVSS 5.5 · AI score 5.5 · EPSS 0.0016
Exploits 0 · References 1
ATTACKERKB
added 2025/05/02 4:15 p.m. · 1 views

CVE-2023-53077

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes. [WHY] When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dml_log2 returns an unexpected negative value: shift exponent 4294966273 is t...

CVSS 7.8 · AI score 6.3 · EPSS 0.00167
Exploits 0 · References 6 · Affected Software 1
OSV
added 2025/05/02 4:15 p.m. · 1 views

DEBIAN-CVE-2023-53077

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes. [WHY] When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dml_log2 returns an unexpected negative value: shift exponent 4294966273 is t...

CVSS 7.8 · AI score 5.5 · EPSS 0.00167
Exploits 0 · References 1
OSV
added 2025/05/02 3:55 p.m. · 6 views

CVE-2023-53077 drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes. [WHY] When PTEBufferSizeInRequests is zero, UBSAN reports the following warning because dml_log2 returns an unexpected negative value: shift exponent 4294966273 is t...

CVSS 7.8 · AI score 6.1 · EPSS 0.00167
Exploits 0 · References 8
SUSE CVE
added 2025/05/02 2:2 a.m. · 1 views

SUSE CVE-2025-37780

In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid. syzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1] The handle_bytes value passed in by the reproducing program is equal to 12. In handle_to_path(), only 12 bytes of memory are...

CVSS 5.5 · AI score 7.6 · EPSS 0.00167
Exploits 0 · References 18
OSV
added 2025/05/01 2:15 p.m. · 1 views

DEBIAN-CVE-2025-37780

In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid. syzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1] The handle_bytes value passed in by the reproducing program is equal to 12. In handle_to_path(), only 12 bytes of memory are...

CVSS 7.1 · AI score 5.8 · EPSS 0.00167
Exploits 0 · References 1