Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-391389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-391389 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: fix panic with metadatadst skb Fix a kernel panic in the brnetfilter modu...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414373)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414373 advisory. An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211bssinfoupdate function...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414332 advisory. A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414339 advisory. An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTRCHANNELLIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the oldcodec48 process when decoding SANM frames using run-length encoding, as the decoded data may exceed the allocated buffer size. An attacker can cause memory corruption or potentially execute arbitrary code b...

DEBIAN-CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg versions prior to 8.0, which stems from decoding frames without checking if the decoded data exceeds the allocated buffer, potentially resulting i...

Mozilla Multiple Products Remote Code Execution Vulnerability

Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of...

SUSE CVE-2025-39948

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

EUVD-2025-32389

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

CVE-2025-39948

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

AZL-75296 CVE-2025-39948 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

UBUNTU-CVE-2025-39948

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

CVE-2025-39948 ice: fix Rx page leak on multi-buffer frames

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

CVE-2025-39948

The CVE-2025-39948 issue is in the Linux kernel ice driver’s RX path for multi-buffer/XDP frames. A zero-size descriptor could cause ice_put_rx_mbuf() to skip a buffer, preventing ice_put_rx_buf() and leaving a stale page in the RX ring. This could break page reuse/free logic (ice_reuse_rx_page) ...

CVE-2025-39948 ice: fix Rx page leak on multi-buffer frames

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly freeing Rx pages when processing multi-buffer frames, which could lead to a memory leak...

RockyLinux 10 : kernel (RLSA-2025:8137)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8137 advisory. kernel: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 kernel: vsock: Keep the binding until socket...

RockyLinux 10 : tomcat9 (RLSA-2025:11332)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11332 advisory. tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2...

PT-2025-40644

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel ice driver contains a flaw in the ice put rx mbuf function that can lead to a memory leak when handling multi-buffer frames. Specifically, if the hardware posts a...