EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2464)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: qla2xxx: Fix warning message due to adisc being flushedCVE-2022-49158 scsi: qla2xxx: Implement ref count for SRBCVE-2022-49159 tcp: add...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991185 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb...

SUSE-SU-2025:4346-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132...

CVE-2025-40314

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget In the cdnspgadgetinit and cdnspgadgetexit functions, the gadget structure pdev-gadget was freed before its endpoints. The endpoints are...

CVE-2023-53796

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fsmoveinlinedirents When converting an inline directory to a regular one, f2fs is leaking uninitialized memory to disk because it doesn't initialize the entire directory block. Fix this by...

CVE-2023-53856

In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call ofchangesetinit early When ofoverlayfdtapply fails, the changeset may be partially applied, and the caller is still expected to call ofoverlayremove to clean up this partial state. However, ofoverlayapply calls...

SUSE CVE-2022-50671

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix "kernel NULL pointer dereference" error When rxequeueinit in the function rxeqpinitreq fails, both qp-req.task.func and qp-req.task.arg are not initialized. Because of creation of qp fails, the function rxecreateqp...

SUSE CVE-2023-53796

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fsmoveinlinedirents When converting an inline directory to a regular one, f2fs is leaking uninitialized memory to disk because it doesn't initialize the entire directory block. Fix this by...

SUSE CVE-2023-53837

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

SUSE CVE-2023-53856

In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call ofchangesetinit early When ofoverlayfdtapply fails, the changeset may be partially applied, and the caller is still expected to call ofoverlayremove to clean up this partial state. However, ofoverlayapply calls...

SUSE CVE-2025-40338

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

Linux Distros Unpatched Vulnerability : CVE-2022-50646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, th...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gnutls (SUSE-SU-2025:4323-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4323-1 advisory. - CVE-2025-9820: Fixed buffer overflow in gnutlspkcs11tokeninit. bsc1254132 Tenable has extracted the...

(0Day) (Pwn2Own) oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CM...

EUVD-2025-201864

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

EUVD-2023-60164

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...

EUVD-2022-55734

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix "kernel NULL pointer dereference" error When rxequeueinit in the function rxeqpinitreq fails, both qp-req.task.func and qp-req.task.arg are not initialized. Because of creation of qp fails, the function rxecreateqp...

CVE-2025-40338

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

CVE-2023-53856

In the Linux kernel, the following vulnerability has been resolved: of: overlay: Call ofchangesetinit early When ofoverlayfdtapply fails, the changeset may be partially applied, and the caller is still expected to call ofoverlayremove to clean up this partial state. However, ofoverlayapply calls...

CVE-2023-53832

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...