DEBIAN-CVE-2025-37872

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix memory leak in txgbeprobe error path When txgbeswinit is called, memory is allocated for wx-rsskey in wxinitrsskey. However, in txgbeprobe function, the subsequent error paths after txgbeswinit don't free the...

CVE-2025-37837 iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix warnings due to dmamfreecoherent Two WARNINGs are observed when SMMU driver rolls back upon failure: arm-smmu-v3.9.auto: Failed to register iommu arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed...

The vulnerability of the f2fs_unlock_rpages() function in the fs/f2fs/compress.c module of the F2FS file system support in Linux kernel allows a malicious actor to cause a service failure.

The vulnerability of the f2fsunlockrpages function in the fs/f2fs/compress.c module of the F2FS file system support in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the sprd_i2c_master_xfer() function in the drivers/i2c/busses/i2c-sprd.c module of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the sprdi2cmasterxfer function in the drivers/i2c/busses/i2c-sprd.c module of the Linux kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2025-37817 mcb: fix a double free bug in chameleon_parse_gdd()

In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails, 'mdev' would be released in mcbdeviceregister via putdevice. Thus, goto 'err' label and free 'mdev' again causes a double free. Jus...

sssd bug fix update

An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

RLSA-2024:4237 Moderate: go-toolset security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses CVE-2024-2479...

python3.11 security update

An update is available for python3.11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

RLSA-2024:3062 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

SUSE CVE-2022-49769

In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading superblock Fuzzers like to scribble over sbbsizeshift but in reality it's very unlikely that this field would be corrupted on its own. Nevertheless it should be checked to avoid the...

The vulnerability of ZIP files stored in the Apache Solr search server allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of ZIP files processed by the Apache Solr search server is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when fetching and updating IOCTL during IFE output resource ID validation...

The vulnerability of the Packet Forwarding Engine (PFE) module in Junos OS routers of the SRX series allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Junos OS routers of the SRX series is related to errors in processing input data length parameters. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending specially crafted packets...

PT-2025-19706

Name of the Vulnerable Software and Affected Versions iputils versions through 20240905 Description The issue allows for a denial of service, resulting in application error or incorrect data collection, via a crafted ICMP Echo Reply packet. This is caused by a signed 64-bit integer overflow in...

DEBIAN-CVE-2023-53092

In the Linux kernel, the following vulnerability has been resolved: interconnect: exynos: fix node leak in probe PM QoS error path Make sure to add the newly allocated interconnect node to the provider before adding the PM QoS request so that the node is freed on errors...

CVE-2023-53085

In the Linux kernel, the following vulnerability has been resolved: drm/edid: fix info leak when failing to get panel id Make sure to clear the transfer buffer before fetching the EDID to avoid leaking slab data to the logs on errors that leave the buffer unchanged...

CVE-2023-53094 tty: serial: fsl_lpuart: fix race on RX DMA shutdown

In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown: : : lpuart32shutdown lpuartdmashutdown deltimersync lpuartdmarxcomplete lpuartcopyrxtotty modtimer...

SUSE CVE-2025-37754

In the Linux kernel, the following vulnerability has been resolved: drm/i915/huc: Fix fence not released on early probe errors HuC delayed loading fence, introduced with commit 27536e03271da "drm/i915/huc: track delayed HuC load with a fence", is registered with object tracker early on driver pro...

The vulnerability of the move_page_tables() function in the Linux operating system allows a hacker to increase their privileges and execute arbitrary code.

The vulnerability of the movepagetables function in the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges and execute arbitrary code...

The vulnerability of the mfd component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the mfd component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...