DEBIAN-CVE-2025-38066

In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume...

DEBIAN-CVE-2025-38041

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes The H616 manual does not state that the GPU PLL supports dynamic frequency configuration, so we must take extra care when changing the frequency. Currently any...

CVE-2025-38066 dm cache: prevent BUG_ON by blocking retries on failed device resumes

In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume...

CVE-2025-38066 dm cache: prevent BUG_ON by blocking retries on failed device resumes

In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume...

CVE-2025-38064 virtio: break and reset virtio devices on device_shutdown()

In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on deviceshutdown Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang. Invalid read at addr 0x102877002, size 2, region 'null', reason: rejected...

CVE-2025-38064 virtio: break and reset virtio devices on device_shutdown()

In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on deviceshutdown Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang. Invalid read at addr 0x102877002, size 2, region 'null', reason: rejected...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from cm3605 not handling error paths correctly during probing, which could lead to a resource leak...

PT-2025-25801 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the x86/sev component. The issue occurs when kdump is running makedumpfile to generate vmcore and dump SNP guest memor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the virtio device not being properly reset at shutdown resulting in memory access errors...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from arm64 cacheinfo incorrectly assigning signed error values to unsigned fwlevels, which could lead to memory...

CVE-2025-49848

CVE-2025-49848 corresponds to LS Electric GMWin 4, involving an Out-of-bounds Write during PRJ file parsing caused by insufficient input validation. Documented effects include memory corruption (reading/writing past end of allocated data structures). Several connected sources tie this to GMWin 4 ...

gimp: Multiple use after free in XCF parser

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...

gimp: Multiple use after free in XCF parser

A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...

gimp: Multiple heap buffer overflows in TGA parser

A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

RHEL 8 : firefox (RHSA-2025:9075)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:9075 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to certification errors in golang.org/x/crypto/ssh [CVE-2024-45341]

Summary IBM Watson Speech Services Cartridge is vulnerable to certification errors in golang.org/x/crypto/ssh, because of conditions which incorrectly satisfy a URI name constraint that applies to certificate chains. CVE-2024-45341. Golang.org/x/crypto/ssh is used as part of our speech utilities...

Medium: python3-tornado

Issue Overview: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume ...

Google Go 安全漏洞

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google, Inc. A security vulnerability exists in Google Go that stems from inconsistent handling of symbolic links, which could lead to file creation errors...

AMD Versal Adaptive SoC 安全漏洞

AMD Versal Adaptive SoC is a chip from Ultra Micro Semiconductor AMD. A security vulnerability exists in AMD Versal Adaptive SoC that stems from an SSS misconfiguration that could result in data being incorrectly written and read...