4722 matches found
SUSE CVE-2025-37969
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadtaggedfifo Prevent stlsm6dsxreadtaggedfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...
DEBIAN-CVE-2025-37970
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadfifo Prevent stlsm6dsxreadfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...
UBUNTU-CVE-2025-37969
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadtaggedfifo Prevent stlsm6dsxreadtaggedfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...
CVE-2025-37956
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...
DEBIAN-CVE-2025-37956
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...
UBUNTU-CVE-2025-37956
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...
CVE-2025-37956
CVE-2025-37956 : In the Linux kernel, the ksmbd component is vulnerable to a race/validation issue where a client can send an empty newname string to the ksmbd server, potentially causing a kernel oops in d_alloc. The patch resolves this by returning an error when attempting to rename a file or d...
CVE-2025-37956 ksmbd: prevent rename with empty string
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from dalloc. This patch return the error when attempting to rename a file or directory with an empty new na...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling empty string rename requests, which could cause the kernel to crash...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: CVE-2025-3891: denial of service via POST requests with an empty Content-Type header and with OIDCPreservePost On bsc1242015. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
kernel: net: ppp: Add bound checking for skb data on ppp_sync_txmung
An out-of-bounds read vulnerability exists in the pppsynctxmunge function in the Linux kernel's PPP subsystem. Insufficient bounds checking on incoming PPP packets may lead to a kernel crash if a packet with an empty or truncated payload is processed...
OESA-2025-1518 mariadb security update
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...
OESA-2025-1517 mariadb security update
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...
OESA-2025-1516 mariadb security update
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...
kernel: drm/amdgpu: add list empty check to avoid null pointer issue
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cases. - listforeachentrysafe...
kernel: ppp: fix ppp_async_encode() illegal access
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
SUSE CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
RHEL 8 : mod_auth_openidc:2.3 (RHSA-2025:4597)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4597 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connec...
Do Not Allow Empty Links
Empty links are redundant files and waste system resources. In addition, if a file is installed or created at the target location of an empty link, the file can be accessed through the link, leading to possible information leakage or tampering. If the file to which the link points has been delete...
Do Not Allow Login with an Empty Password
Login with an empty password means that a user can log in to a system without a password. If an empty password is allowed for login, the user with an empty password may be attacked or may be used by attackers. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted fro...