DEBIAN-CVE-2025-21985

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses WHAT & HOW hpostreamtolinkencodermapping has size MAXHPODP2ENCODERS=4, but location can have size up to 6. As a result, it is necessary to check location against MAXHPODP2ENCODERS...

UBUNTU-CVE-2025-21985

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses WHAT & HOW hpostreamtolinkencodermapping has size MAXHPODP2ENCODERS=4, but location can have size up to 6. As a result, it is necessary to check location against MAXHPODP2ENCODERS...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.44.0.3), ai.h2o:h2o-algos (>=3.2.0.1 <=3.44.0.3) +34 more potentially affected by CVE-2024-8062 via ai.h2o:h2o-core (>=3.2.0.1 <=3.44.0.3)

ai.h2o:h2o-core MAVEN version =3.2.0.1, =3.34.0.1, =3.2.0.1, =3.2.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.1.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.34.0.3, =3.30.0.1, =3.44.0.3 and more Source cves: CVE-2024-8062 Source advisory: OSV:GHSA-5C8J-G96X-CJ78...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2024-6854 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)

ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-6854 Source advisory: SNYK:JAVA-AIH2O-9486740...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2024-10549 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)

ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-10549 Source advisory: SNYK:JAVA-AIH2O-9486742...

CVE-2025-22228

BCryptPasswordEncoder.matchesCharSequence,String will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same...

Authentication Bypass by Primary Weakness

Overview org.springframework.security:spring-security-crypto is a spring-security-crypto library for Spring Security. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the BCryptPasswordEncoder.matches function, which only takes the first 72 characte...

RLSA-2024:9456 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

SUSE CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

DEBIAN-CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

UBUNTU-CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074 drm/i915: Grab intel_display from the encoder to avoid potential oopsies

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074 drm/i915: Grab intel_display from the encoder to avoid potential oopsies

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab inteldisplay from the encoder to avoid potential oopsies Grab the inteldisplay from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intelsanitizeencoder, which passes NULL as...

CVE-2024-58074

Technical details and impact for CVE-2024-58074 are not publicly provided in the supplied documents; monitor for updates.

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from obtaining inteldisplay from an encoder, which could result in a null pointer dereference...

FFmpeg Buffer Overflow Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.1 and earlier versions, which originates from the ffaacsearchfortns function in the libavcodec/aacenctns.c file of the AAC Encoder...

SUSE CVE-2022-49203

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams Why The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streams internally from DM to DC. This state backup...