PT-2025-53996

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the handling of initial ramdisks initrd on m68k platforms where physical memory does not start at address zero, such as on Amiga systems...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992335 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ipvsappnetcleanup During the initialization of ipvsappnetinit, if file ipvsa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992264)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992264 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: fix strpinit order and cleanup strpinit is called just a few lines above this csk-skuserdata...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992501)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992501 advisory. In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omap3xxxprmlateinit offindmatchingnode returns a node pointer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper initialization of arrays, which could lead to reuse after release...

PT-2025-54035

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in fl change which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992369)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992369 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread 1, for buffe...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992507 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setupbasectxt setupbasectxt allocates a memory chunk for...

Malicious code in cryptozip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 157ea6b1f1c3d4ed5564c494db770e9156f3e269f12cefec6e4270085a762f26 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

XunRuiCMS 跨站脚本漏洞

XunRuiCMS XunRuiCMS is a content management system for individual developers of XunRuiCMS. A code injection vulnerability exists in XunRuiCMS 4.7.1 and earlier versions, which originates from the incorrect operation of the parameter callback in the file /dayrui/Fcms/Init.php, which may lead to...

Malicious code in extrazip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

SUSE-SU-2025:4528-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: - CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due to improper validation bsc1255497. - CVE-2025-43501: processing maliciously crafted web content m...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: CVE-2025-14174: processing maliciously crafted web content may lead to memory corruption due to improper validation bsc1255497. CVE-2025-43501: processing maliciously crafted web content may...

CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

CVE-2023-54028

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxecleanuptask" In the function rxecreateqp, rxeqpfrominit is called to initialize qp, internally things like rxeinittask are not setup until rxeqpinitreq. If an error...

fs/ntfs3: Initialize allocated memory before use

...

nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.

...

SUSE CVE-2023-54001

In the Linux kernel, the following vulnerability has been resolved: staging: r8712: Fix memory leak in r8712initxmitpriv In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. This patch fixes commit...

SUSE CVE-2023-54034

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...