EUVD-2025-15863

Malicious code in bioql PyPI...

scsi: core: ufs: Fix a hang in the error handler

...

CVE-2025-53817 GHSL-2025-059 - 7-Zip - Null pointer array write attempt in NArchive::NCom::CHandler::GetStream

7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue...

CVE-2025-38253

In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix crash in wacomaesbatteryhandler Commit fd2a9b29dc9c "HID: wacom: Remove AES powersupply after extended inactivity" introduced wacomaesbatteryhandler which is scheduled as a delayed work aesbatterywork. In...

CVE-2025-38119 scsi: core: ufs: Fix a hang in the error handler

In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and...

SUSE-SU-2025:02074-1 Security update for python313

This update for python313 fixes the following issues: Update to version 3.13.5. Security issues fixed: - CVE-2025-4517: arbitrary filesystem writes outside the extraction directory during extraction with filter='data' bsc1244032 - CVE-2025-4516: use-after-free in the unicode-escape decoder when...

CVE-2025-37991

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix double SIGFPE crash Camm noticed that on parisc a SIGFPE exception will crash an application with a second SIGFPE in the signal handler. Dave analyzed it, and it happens because glibc uses a double-word floating-point...

CVE-2025-37991

CVE-2025-37991 describes a PA-RISC (parisc) Linux kernel issue where a SIGFPE exception can crash an application if a second SIGFPE is delivered in the signal handler. The root cause is traced to glibc using a double-word floating-point store to atomically update function descriptors, causing a t...

CVE-2025-37815

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current...

CVE-2025-37828

CVE-2025-37828 affects the Linux kernel in the SCSI/UFS MCQ path. A race between MCQ completion and the abort handler can lead to dereferencing a NULL hwq pointer after __blk_mq_free_request() sets rq->mq_hctx to NULL. The fix adds a NULL check on the returned hwq in ufshcd_mcq_abort(); if hwq...

CVE-2025-37815 misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration Resolve kernel panic while accessing IRQ handler associated with the generated IRQ. This is done by acquiring the spinlock and storing the current...

CVE-2025-21805 RDMA/rtrs: Add missing deinit() call

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Add missing deinit call A warning is triggered when repeatedly connecting and disconnecting the rnbd: listadd corruption. prev-next should be next ffff88800b13e480, but was ffff88801ecd1338. prev=ffff88801ecd1340...

CVE-2024-53211 net/l2tp: fix warning in l2tp_exit_net found by syzbot

In the Linux kernel, the following vulnerability has been resolved: net/l2tp: fix warning in l2tpexitnet found by syzbot In l2tp's net exit handler, we check that an IDR is empty before destroying it: WARNONONCE!idrisempty&pn-l2tptunnelidr; idrdestroy&pn-l2tptunnelidr; By forcing memory allocatio...

SUSE-SU-2024:2379-1 Security update for jbigkit

This update for jbigkit fixes the following issues: - CVE-2022-1210: Fixed denial of service in TIFF File Handler bsc1198146...

CVE-2023-52688

CVE-2023-52688 affects the Linux kernel wifi driver ath12k, where an error path in the core rfkill config fail path did not free allocated resources. The issue could cause resource leaks by not destroying the core pdev when rfkill config initialization fails. The accompanying fix adds a call to c...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Do not enable irqs when handling spurious interrups We triggered the following error while running our 4.19 kernel with the pseudo-NMI patches backported to it: 14.816231 ------------ cut here ------------ 14.8162...

kernel security and bug fix update

kernel-2.4.21-57.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - ora 5088963: io to nfs partition hangs - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli kernel-2.4.21-57.EL -...

Fedora Core 6 : kernel-2.6.20-1.2944.fc6 (2007-432)

Updated to upstream linux kernel 2.6.20.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.6 CVE-2007-1357: The atalksumskb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote...