CVE-2025-37803

CVE-2025-37803 : Linux kernel vulnerability in udmabuf where a buffer size overflow can occur during udmabuf creation. The root cause is improper size calculation, mitigated by casting size_limit_mb to u64 when computing pglimit. Connected advisories corroborate a kernel fix; patches are deployed...

CVE-2025-22071 spufs: fix a leak in spufs_create_context()

In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufscreatecontext Leak fixes back in 2008 missed one case - if we are trying to set affinity and spufsmkdir fails, we need to drop the reference to neighbor...

CVE-2023-52974 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...

SUSE SLES15 Security Update : kernel (Live Patch 24 for SLE 15 SP4) (SUSE-SU-2025:0251-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0251-1 advisory. This update for the Linux Kernel 5.14.21-15040024111 fixes several issues. The following security issues were fixed: - CVE-2024-36971: Fixed...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update

An update for kpatch-patch-5140-284521, kpatch-patch-5140-284791, and kpatch-patch-5140-284921 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

CVE-2024-53175

In the Linux kernel, the following vulnerability has been resolved: ipc: fix memleak if msginitns failed in createipcns Percpu memory allocation may failed during createipcns however this fail is not handled properly since ipc sysctls and mq sysctls is not released properly. Fix this by release...

CVE-2024-50186 net: explicitly clear the sk pointer, when pf->create fails

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...

CVE-2022-48644

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In an incredibly strange API design decision, qdisc-destroy gets called even if qdisc-init never succeeded, not exclusively since commit 87b60cfacf9f "netsched:...

SUSE-SU-2024:1437-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 115.10.1 Security fixes MFSA 2024-20 bsc1222535: - CVE-2024-3852: GetBoundName in the JIT returned the wrong object bmo1883542 - CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement...

krb5 security, bug fix, and enhancement update

1.20.1-8.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.20.1-8 - Fix datetime parsing in kadmin on s390x - Resolves: rhbz2169985 1.20.1-7 - Fix double free on kdb5util key creation failure - Resolves: rhbz2166603 1.20.1-6 - Add support for MS-PAC extended KDC signature...

DRUPAL-CONTRIB-2023-008

This module enables you to associate Forums as Group 1.x content and use Group access permissions. Previous versions of the module incorrectly set node access on creation, and did not correctly restrict access to lists of forum topics...

SUSE-SU-2021:0906-1 Security update for SUSE Manager Server 4.1

This update fixes the following issues: cobbler: - Fix string replacement for @@xyz@@ - Better performing string replacements grafana-formula: - Set supported to false for unsupported systems bsc1182001 - Add SLES 15 SP3 and openSUSE Leap 15.3 to supported versions mgr-libmod: - Fix 'listmodules'...

SUSE SLES12 Security Update : samba (SUSE-SU-2020:2721-1)

"This update for samba fixes the following issues : ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC CVE-2020-1472, bsc1176579...

samba security, bug fix, and enhancement update

openchange 2.3-24.0.1 - Add patch to build against samba 4.11 2.3-24 - Rebuild for newer samba and libldb samba 4.11.2-13 - resolves: 1802182 - Fix join using netbios name 4.11.2-12 - related: 1781232 - Improve debug output of smbclient - resolves: 1794461 - Do not return bogus inode numbers in...

Unbreakable Enterprise kernel security update

4.1.12-124.36.3 - Fix KABI error by keeping the struct field being removed by the below patch Ritika Srivastava Orabug: 30902926 - Revert 'PCI: Check pref compatible bit for mem64 resource of PCIe device' Ritika Srivastava Orabug: 30902926 4.1.12-124.36.2 - rds: Use bitmap to designate dropped...

openSUSE Security Update : subversion (openSUSE-SU-2013:1442-1)

This subversion update includes a security fix and several minor changes. - update to 1.7.13 bnc836245 - User-visible changes : - General - merge: fix bogus mergeinfo with conflicting file merges - diff: fix duplicated path component in '--summarize' output - raserf: ignore case when checking...

kernel security update

2.6.18-194.17.4.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...