PT-2026-20839

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.3.6 SPIP versions prior to 4.2.17 SPIP versions prior to 4.1.20 Description SPIP versions prior to 4.3.6, 4.2.17, and 4.1.20 contain a Cross-Site Scripting XSS issue within the private area. The error message displayed...

PT-2026-26113

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to exception handling within the LoongArch BPF JIT compiler. Specifically, the kernel did not proactively call the common fixup routine to...

PT-2025-34411

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the hfsplus filesystem. Syzbot reported an issue where a mutex lock check in hfsplus free extents could trigger warnings and errors during...

PT-2025-52665

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc1-next Description The Linux kernel contains an issue within the jbd2 journaling system. A bug can occur in the jbd2 journal get create access function when the file system is corrupted. Specifically, th...

PT-2025-23000

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious...

PT-2025-27859

Name of the Vulnerable Software and Affected Versions PHP versions prior to 8.1.33 PHP versions prior to 8.2.29 PHP versions prior to 8.3.23 PHP versions prior to 8.4 php7.4 php8.2 Description The pgsql and pdo pgsql escaping functions do not verify if the underlying quoting functions return...

Fedora 41 : iwd / libell (2024-256818da09)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-256818da09 advisory. iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix issue with GCC 15 and -std=c23 build errors. Add support for using PMKSA over SAE if...

CVE-2024-56713

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsimppholdwrite nsimppholdwrite has two problems: 1 It may return with rtnl held, as found by syzbot. 2 Its return value does not propagate an error if any...

SUSE CVE-2024-56538

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpkms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an...

CVE-2024-56614

In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xskmapdeleteelem function an unsigned integer map-maxentries is compared with a user-controlled signed integer k. Due to implicit type conversion, a large unsign...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from multiple issues in the bpfmsgpopdata function in the bpf module, which could lead to memory errors...

AZL-54804 CVE-2024-56657 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

DEBIAN-CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56570

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause error...

UBUNTU-CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657 ALSA: control: Avoid WARN() for symlink errors

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657 ALSA: control: Avoid WARN() for symlink errors

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN for symlink errors Using WARN for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each...

CVE-2024-56657

CVE-2024-56657 relates to the Linux kernel ALSA: control path where WARN() was used for symlink creation errors. The fix downgrades these warnings to dev_err() and adds the function name to the prefix to reduce confusion (notably for fuzzers). This is a patch-level remediation described in Azure ...

CVE-2024-56647 net: Fix icmp host relookup triggering ip_rt_bug

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...