CLSA-2025-1761323691 Fix CVE(s): CVE-2025-0840

SECURITY UPDATE: stack-based buffer overflow in disassemblebytes function - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow by restricting size of insnwidth buffer - CVE-2025-0840...

CLSA-2025-1761261543 Fix CVE(s): CVE-2024-56171

SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171...

DEBIAN-CVE-2023-53724

In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633adcasyncread req is allocated in pcf50633adcasyncread, but adcenqueuerequest could fail to insert the req into queue. We need to check the return value and free it in the case o...

EUVD-2008-4387

Malware in sbrugna...

EUVD-2014-0507

Malware in sbrugna...

CLSA-2025-1758289801 Fix CVE(s): CVE-2025-53101

SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix image filename interpretation issue by adjusting the offset value - CVE-2025-53101...

Linux Distros Unpatched Vulnerability : CVE-2022-50407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos...

DEBIAN-CVE-2023-53423

In the Linux kernel, the following vulnerability has been resolved: objtool: Fix memory leak in createstaticcallsections strdup allocates memory for keyname. We need to release the memory in the following error paths. Add free to avoid memory leak...

DEBIAN-CVE-2022-50368

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight bridges. Patchwork:...

DEBIAN-CVE-2023-53329

In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq-stats increment KCSAN has discovered a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-race i...

DEBIAN-CVE-2023-53263

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveauconnectorcreate We can't simply free the connector after calling drmconnectorinit on it. We need to clean up the drm side first. It might not fix all regressions fr...

DEBIAN-CVE-2023-53260

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...

DEBIAN-CVE-2022-50295

In the Linux kernel, the following vulnerability has been resolved: iouring/msgring: Fix NULL pointer dereference in iomsgsendfd Syzkaller produced the below call trace: BUG: KASAN: null-ptr-deref in iomsgring+0x3cb/0x9f0 Write of size 8 at addr 0000000000000070 by task repro/16399 CPU: 0 PID:...

DEBIAN-CVE-2025-39785

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix irqrequest's irq name variable is local The local variable is passed in requestirq , and there will be use after free problem, which will make requestirq failed. Using the global irq name instead of it to...

CLSA-2025-1757523038 Fix CVE(s): CVE-2025-1735

SECURITY UPDATE: inadequate error checking in pgsql and pdopgsql escaping functions - debian/patches/CVE-2025-1735.patch: Add error checks for escape function in pgsql and pdopgsql extensions to prevent storing of improperly escaped data - CVE-2025-1735...

CLSA-2025-1757076749 Fix CVE(s): CVE-2025-54574

SECURITY UPDATE: Disable URN protocol access to prevent potential security vulnerabilities - debian/patches/CVE-2025-54574.patch: Add ACL rules to deny URN protocol access by default - CVE-2025-54574...

CLSA-2025-1756928197 Fix CVE(s): CVE-2025-26603

SECURITY UPDATE: fix use-after-free vulnerability in buffer closing - debian/patches/CVE-2025-26603.patch: Fix heap use-after-free in strtoreg - CVE-2025-26603...

CLSA-2025-1756830276 Fix CVE(s): CVE-2024-47252

SECURITY UPDATE: insufficient escaping of user-supplied data in logging configurations - debian/patches/CVE-2024-47252.patch: Escape ssl vars to prevent potential security vulnerabilities - CVE-2024-47252...

DEBIAN-CVE-2025-38675

In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize stateptrs earlier in xfrmstatefind In case of preemption, xfrmstatelookat will find a different pcpuid and look up states for that other CPU. If we matched a state for CPU2 in the statecache while the look...

DEBIAN-CVE-2023-32249

In the Linux kernel, the following vulnerability has been resolved: ksmbd: not allow guest user on multichannel This patch return STATUSNOTSUPPORTED if binding session is guest...