8941 matches found
CVE-2025-40119
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4_mb_init() In ext4_mb_init(), ext4_mb_avg_fragment_size_destroy() may be called when sbi->s_mb_avg_fragment_size remains uninitialized (e.g., if groupinfo slab cache allocation fails). Since...
CVE-2025-64407 Apache OpenOffice: URL fetching can be used to exfiltrate arbitrary INI file values and environment variables
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...
kernel: pstore/ram: Check start of empty przs during init
An out of bounds array vulnerability exists in the linux kernel, such that a missing check on the start field of a PRZ persistent ram zone during initialization leads to damage to the availability and integrity of the system...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfb_init() fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
Malicious code in ophiuchus-nconf-init-relay (npm)
Source: amazon-inspector 6a2cf8d25782cf0be02795f39624b8174d2128655c12d53b293cb8fef2012c45 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
kernel: crypto: seqiv - Handle EBUSY correctly
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from an incorrect initialization sequence of the qaic startup log, which could lead to contention conditions an...
PT-2025-46602
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the hardware random number generator (hwrng) and the ks-sa driver. A division by zero error occurs in the ks_sa_rng_init function due to an...
RHEL 7 : kernel (RHSA-2025:21063)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21063 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: core: fix...
EulerOS 2.0 SP12 : libssh (EulerOS-SA-2025-2363)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990855)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990855 advisory. In the Linux kernel, the following vulnerability has been resolved: um: line: always fill error_out in setup_one_line() The pointer isn't initialized by callers, but I ha...
Linux Distros Unpatched Vulnerability : CVE-2025-40147
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-throttle: fix access race during throttle policy activation On repeated cold boots we occasionally hit a NULL pointer crash in blk_should_throtl() when...
SUSE-SU-2025:4057-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939). - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
kernel: crypto: tegra - do not transfer req when tegra init fails
In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when memory is exhausted. It should not transfer the request when they return an error...
kernel: vxlan: check vxlan_vnigroup_init() return value
In the Linux kernel, the following vulnerability has been resolved: vxlan: check vxlan_vnigroup_init() return value vxlan_init() must check vxlan_vnigroup_init() success otherwise a crash happens later, spotted by syzbot. Oops: general protection fault, probably for non-canonical address 0xdffffc000000002c:...
kernel: igb: Fix potential invalid memory access in igb_init_module()
In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igb_init_module() The pci_register_driver() can fail and when this happened, the dca_notifier needs to be unregistered, otherwise the dca_notifier can be called when igb fails to install, resulti...
kernel: can: j1939: j1939_send_one(): fix missing CAN header initialization
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_send_one(): fix missing CAN header initialization The read access to struct canxl_frame::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled elements in struct can_frame...
kernel: RDMA/core: Don't expose hw_counters outside of init net namespace
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f432a521a "RDMA/core: Split port and device counter sysfs attributes" accidentally almost exposed hw counters to non-init net namespaces. It didn't expose...