[SECURITY] Fedora 40 Update: libxmp-4.6.2-3.fc40

Libxmp is a library that renders module files to PCM data. It supports over 90 mainstream and obscure module formats including Protracker MOD, Scream Tracker 3 S3M, Fast Tracker II XM, and Impulse Tracker IT. Many compressed module formats are supported, including popular Unix, DOS, and Amiga fil...

ALSA-2025:7524 Important: xz security update

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm LZMA, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fixes: xz: XZ has a...

[SECURITY] Fedora 41 Update: perl-Compress-Raw-Lzma-2.212-6.fc41

This module provides a Perl interface to the lzma compression library. It is used by IO::Compress::Lzma...

[SECURITY] Fedora 41 Update: xz-5.8.1-2.fc41

XZ Utils are an attempt to make LZMA compression easy to use on free as in freedom operating systems. This is achieved by providing tools and libraries which are similar to use than the equivalents of the most popular existing compression algorithms. LZMA is a general purpose compression algorith...

[SECURITY] Fedora 40 Update: xz-5.8.1-2.fc40

XZ Utils are an attempt to make LZMA compression easy to use on free as in freedom operating systems. This is achieved by providing tools and libraries which are similar to use than the equivalents of the most popular existing compression algorithms. LZMA is a general purpose compression algorith...

The vulnerability of the f2fs_unlock_rpages() function in the fs/f2fs/compress.c module of the F2FS file system support in Linux kernel allows a malicious actor to cause a service failure.

The vulnerability of the f2fsunlockrpages function in the fs/f2fs/compress.c module of the F2FS file system support in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

qatzip bug fix update

An update is available for qatzip. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list QATzip is a user space library which builds on top of the Intel QuickAssist...

Configure the Rotate Policy in rsyslog

rsyslog collects logs from the system and records them in files. logrotate copies and compresses log files periodically and quantitatively to ensure that log files do not occupy too many drive resources or even cannot be maintained. If the rotate policy is not configured for log files, they will...

SUSE CVE-2023-53144

In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...

CVE-2023-53144

In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...

CVE-2023-53144

In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...

UBUNTU-CVE-2023-53144

In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...

CVE-2023-53144 erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms

In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...

PT-2025-18908 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.2.0-rc5 Description: A bug in the Linux kernel has been resolved, related to the erofs filesystem when using LZMA compression on HIGHMEM platforms. The issue causes a kernel NULL pointer dereference due to...

CVE-2025-27611

base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions...

CVE-2025-27611

CVE-2025-27611 is a base-x homograph attack affecting the base-x base encoder/decoder. The shared issue, present in versions 4.0.0, 5.0.0, and all prior to 3.0.11, can allow Unicode lookalike characters to bypass validation, potentially deceiving users into sending funds to an unintended address....

PT-2025-18320 · Base-X · Base-X

Name of the Vulnerable Software and Affected Versions: base-x versions prior to 3.0.11 base-x version 4.0.0 base-x version 5.0.0 Description: The issue allows attackers to potentially deceive users into sending funds to an unintended address. This is achieved through a problem in the base-x encod...

Token-Efficient Prompt Injection Attack: Provoking Cessation in LLM Reasoning Via Adaptive Token Compression

While reasoning large language models LLMs demonstrate remarkable performance across various tasks, they also contain notable security vulnerabilities. Recent research has uncovered a "thinking-stopped" vulnerability in DeepSeek-R1, where model-generated reasoning tokens can forcibly interrupt th...

[SECURITY] Fedora 42 Update: xz-5.8.1-2.fc42

XZ Utils are an attempt to make LZMA compression easy to use on free as in freedom operating systems. This is achieved by providing tools and libraries which are similar to use than the equivalents of the most popular existing compression algorithms. LZMA is a general purpose compression algorith...

SUSE CVE-2025-22127

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in preparecompressoverwrite Jan Prusakowski reported a kernel hang issue as below: When running xfstests on linux-next kernel 6.14.0-rc3, 6.12 I encountered a problem in generic/475 test where fsstres...