PT-2026-43312

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute web request secure function in src/fast library.cpp creates a boost::asio::ssl::context with tls client mode and calls set default verify paths to load CA certificates, but never...

SUSE CVE-2026-31559

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "offindnodebypath"/"" with "ofroot" to avoid multiple calls to "ofnodeput". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU...

DEBIAN-CVE-2026-31559

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "offindnodebypath"/"" with "ofroot" to avoid multiple calls to "ofnodeput". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU...

CVE-2026-31559

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "offindnodebypath"/"" with "ofroot" to avoid multiple calls to "ofnodeput". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU...

CVE-2026-31559 LoongArch: Fix missing NULL checks for kstrdup()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "offindnodebypath"/"" with "ofroot" to avoid multiple calls to "ofnodeput". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU...

EUVD-2025-3951

Malicious code in bioql PyPI...

virt:kvm_utils3 security update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport libiscsi libnbd 1.6.0-6.el8 - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 1.6.0-5.el8 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or wri...

Unbreakable Enterprise kernel security update

5.15.0-209.161.7 - loop: Fix a race between loop detach and loop open Gulam Mohamed Orabug: 36865975 5.15.0-209.161.6 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879156 CVE-2024-41090 CVE-2024-41091 - x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs...

SUSE CVE-2024-26975

In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: Fix a NULL pointer dereference A NULL pointer dereference is triggered when probing the MMIO RAPL driver on platforms with CPU ID not listed in intelraplcommon CPU model list. This is because the...

CVE-2024-26975

In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: Fix a NULL pointer dereference A NULL pointer dereference is triggered when probing the MMIO RAPL driver on platforms with CPU ID not listed in intelraplcommon CPU model list. This is because the...

virt:ol and virt-devel:ol security, bug fix, and enhancement update

libguestfs 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 1:1.44.0-8 - Obsolete ol...

Low: Red Hat Security Advisory: OpenShift Virtualization 2.4.2 Images

Red Hat OpenShift Virtualization release 2.4.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a...

Moderate: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

SUSE-SU-2019:2192-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ipreass on big packet input bsc1143794. - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources bsc1135902. - CVE-2019-13164: Security fi...

Security update for qemu (important)

This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use...

SUSE SLES11 Security Update : kvm (SUSE-SU-2018:1308-1) (Spectre)

This update for kvm fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl featur...

SUSE SLES11 Security Update : kvm (SUSE-SU-2018:1077-1) (Spectre)

This update for kvm fixes the following issues : - This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl...

SUSE-SU-2018:0279-1 Security update for libvirt

This update for libvirt provides several fixes. This security issue was fixed: - CVE-2018-5748: Prevent resource exhaustion via qemuMonitorIORead method which allowed to cause DoS bsc1076500. These security issues were fixed: - Add a qemu hook script providing functionality similar to Xen's...

Security Advisory 0031

Security Advisory 0031 PDF Date: January 3rd, 2018 Version: 1.0 Revision| Date| Changes ---|---|--- 1.0 | January 3rd, 2018 | Initial Release 1.1 | January 8th, 2018 | Updated description with expanded analysis Arista Products vulnerability report for the following CVEs: Spectre CVE-2017-5753:...

netOctopus Agent nantsys.sys MSR Write Local Privilege Escalation

netOctopus Agent, an asset management agent, is installed on the remote host. The installed version of netOctopus Agent includes a driver, named 'nantsys.sys', that exposes a device interface writable by all local users, allowing them to read and write arbitrary CPU Model Specific Registers MSRs....