USN-7879-2: Linux kernel (Real-time) vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...

USN-7879-1: Linux kernel vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...

SUSE-SU-2025:4140-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

CVE-2025-41733

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

EUVD-2025-197985

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

CVE-2025-41733

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

CVE-2025-41733

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

CVE-2025-41733 Possible malfunction credential injection

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

CVE-2025-41733

The CVE-2025-41733 issue affects METZ CONNECT EWIO2-M, EWIO2-M-BM, and EWIO2-BM devices. The commissioning wizard does not validate whether the device is already initialized, enabling an unauthenticated remote attacker to construct HTTP POST requests to set root credentials, potentially gaining f...

CVE-2025-41733 Possible malfunction credential injection

The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...

kernel: nfsd: don't ignore the return code of svc_proc_register()

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...

EUVD-2025-197910

In btahfclientcbinit of btahfclientmain.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48593

In btahfclientcbinit of btahfclientmain.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53103)

hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50201)

linux: drm/radeon: encoder-possibleclones. In the past nothing validated that drivers were populating possibleclones correctly, which resulted in some warnings during driver initialization. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

GnuTLS -- Stack write buffer overflow

GnuTLS reports: When a PKCS11 token is initialized with gnutlspkcs11tokeninit function and it is passed a token label longer than 32 characters, it may write past the boundary of stack allocated memory...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41068)

s390/sclp: sclpinit failure. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504592; scriptversion"1.2";...

kernel: of_numa: fix uninitialized memory nodes causing kernel panic

A flaw was found in the linux kernel ofnuma subsystem fails to properly initialize memory‑only NUMA nodes i.e., nodes without CPUs. When such nodes remain uninitialized, a subsequent call to freeareainit may access NODEDATA for those nodes and trigger a kernel panic due to a NULL pointer...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...