kernel: s390/vmem: split pages when debug pagealloc is enabled

In the Linux kernel’s s390/vmem subsystem, a flaw exists in the handling of virtual memory area initialization when debug pagealloc is enabled. Under certain conditions, the kernel may access memory after it has been freed or mishandled during early boot or subsystem initialization, resulting in ...

kernel: mm/kmemleak: fix sleeping function called from invalid context at print message

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "sleeping function called from invalid context" warning when /sys/kernel/debug/kmemleak is printed under...

kernel: ext4: avoid use-after-free in ext4_ext_show_leaf()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4extshowleaf In ext4findextent, path may be freed by error or be reallocated, so using a previously saved ppath may have been freed and thus may trigger use-after-free, as follows: ext4splitextent...

kernel: net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

Invalid login error is show when FAS is enabled on Rocky Linux 9.2

You deploy Rocky Linux 9.x FAS is configured and works fine on other OS like Windows, Ubuntu Issue is seen only with RHEL 9.x or Rocky Linux 9.x Invalid login prompt is thrown. Preauthentication errors are noticed in ctxkrb debug tool when installed for debug purposes on the Linux VDA...

SUSE CVE-2025-37844

In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifsserverdbg implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center linuxtesting.org with SVACE...

DEBIAN-CVE-2025-37844

In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifsserverdbg implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center linuxtesting.org with SVACE...

CVE-2025-37844

In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifsserverdbg implies server to be non-NULL so move call under condition to avoid NULL pointer dereference. Found by Linux Verification Center linuxtesting.org with SVACE...

SUSE CVE-2022-49888

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...

CVE-2025-47417

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. When Enable Debug Images in Crestron Automate VX is active, snapshots of the captured video or portions thereof are stored locally on the system, and there is no visible...

CVE-2025-20154

A vulnerability in the Two-Way Active Measurement Protocol TWAMP server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service DoS condition. For Cisco IOS XR Software, this...

Do Not Start the debug-shell Service

The debug-shell service is used to locate faults that occur during system boot. This service is installed with systemd. The debug-shell service requires no authentication, that is, attackers can access the root shell by simply pressing Ctrl+Alt+F9 during systemd startup when the OS is booting. Th...

CVE-2025-47417 Enable Debug Images

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. When Enable Debug Images in Crestron Automate VX is active, snapshots of the captured video or portions thereof are stored locally on the system, and there is no visible...

CVE-2025-47417 Enable Debug Images

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX allows Functionality Misuse. When Enable Debug Images in Crestron Automate VX is active, snapshots of the captured video or portions thereof are stored locally on the system, and there is no visible...

PT-2025-19988 · Crestron · Crestron Automate Vx

Name of the Vulnerable Software and Affected Versions: Crestron Automate VX versions 5.6.8161.21536 through 6.4.0.49 Description: The issue allows exposure of sensitive information to an unauthorized actor, enabling functionality misuse. When the Enable Debug Images feature in Crestron Automate V...

Crestron Automate VX 安全漏洞

Crestron Automate VX is an enterprise-grade intelligent space automation platform from Crestron, Inc. that integrates AV control, IoT device management, and data analytics. A security vulnerability exists in Crestron Automate VX versions 5.6.8161.21536 through 6.4.0.49, which stems from the...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21957)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21957 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debu...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21957)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21957 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: qla1280: Fix kernel oops when debu...

scsi: qla1280: Fix kernel oops when debug level > 2

...

xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr

A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk...