CVE-2025-32022

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

CVE-2024-0760

A flaw was found in the bind9 package, where a malicious client may send many DNS messages over the TCP protocol, leading to instabilities on the server side and potentially causing a denial of service. The server will recover automatically once the attack ceases. Mitigation Mitigation for this...

Updated microcode packages fix security vulnerabilities

This update provides new microcode fixes and mitigations for Spectre CVE-2017-5715 for many Intel CPUs produced in the last 5 years. So far the Intel microcode updates are for several processors from many of Intel Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake, Gemini Lake, Apollo Lake,...

Scientific Linux Security Update : microcode_ctl on SL6.x, SL7.x i386/x86_64 (20180116) (Spectre)

This update supersedes the previous microcode update provided with the CVE-2017-5715 Spectre CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the Spectre mitigation that could lead to system instabilities. As a result, th...

Scientific Linux Security Update : linux-firmware on SL7.x (noarch) (20180116) (Spectre)

This update supersedes the previous microcode update provided with the CVE-2017-5715 Spectre CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the Spectre mitigation that could lead to system instabilities. As a result, th...

CentOS 7 : linux-firmware (CESA-2018:0094) (Spectre)

An update for linux-firmware is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 7.3 Extended...

Oracle Linux 6 / 7 : microcode_ctl (ELSA-2018-0093) (Spectre)

From Red Hat Security Advisory 2018:0093 : An update for microcodectl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterpri...

microcode_ctl security update

CentOS Errata and Security Advisory CESA-2018:0093 The microcodectl packages provide microcode updates for Intel and AMD processors. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 “Spectre” CPU branch injection vulnerability mitigation. Historically, Red Hat has...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : firefox regression (USN-1681-4)

USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos,...

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20110928-sip)

Multiple vulnerabilities exist in the Session Initiation Protocol SIP implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affect...

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

Multiple vulnerabilities exist in the Session Initiation Protocol SIP implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affect...