[SECURITY] [DLA 4584-1] openssh security update

Debian LTS Advisory DLA-4584-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón May 15, 2026 https://wiki.debian.org/LTS Package : openssh Version : 1:8.4p1-5+deb11u7 CVE ID : CVE-2025-61984 CVE-2025-61985 CVE-2026-35385 CVE-2026-35386 CVE-2026-35387...

SUSE CVE-2026-43012

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...

CLSA-2026-1777976917 openssh: Fix of CVE-2026-35385

CVE-2026-35385: when downloading files as root in legacy -O mode and without the -p preserve modes flag, scp1 did not clear setuid/setgid bits from downloaded files. Backport upstream commit 487e8ac1 to mask out the setuid/setgid bits in this case...

Linux Distros Unpatched Vulnerability : CVE-2026-43012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollba...

EUVD-2026-26611

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...

PT-2026-36429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net/mlx5 component where a failure during switchdev mode transition triggers an incorrect rollback to legacy mode. This process unregisters the uplink netdev and...

CLSA-2026-1777586245 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: scp1 downloading as root in legacy mode without -p did not clear setuid/setgid bits on downloaded files. - debian/patches/CVE-2026-35385.patch: clear setuid/setgid bits from umask in sink when -p is not set - CVE-2026-35385...

CLSA-2026-1777567965 openssh: Fix of CVE-2026-35385

CVE-2026-35385: when downloading files as root in legacy -O mode and without the -p preserve modes flag, scp1 did not clear setuid/setgid bits from downloaded files. Backport upstream commit 487e8ac1 to mask out the setuid/setgid bits in this case...

CLSA-2026-1777556512 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: setuid/setgid bits preserved on scp downloads without -p - debian/patches/CVE-2026-35385.patch: in legacy -O mode, OR 07000 into the saved umask in sink in scp.c so that setuid/setgid/sticky bits are stripped from received files when -p is not specified. - CVE-2026-35385...

CLSA-2026-1777546896 openssh: Fix of CVE-2026-35385

CVE-2026-35385: when downloading files as root in legacy -O mode and without the -p preserve modes flag, scp1 did not clear setuid/setgid bits from downloaded files. Backport upstream commit 487e8ac1 to mask out the setuid/setgid bits in this case...

CLSA-2026-1777542837 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: scp setuid/setgid bit handling - debian/patches/CVE-2026-35385.patch: when downloading files as root in legacy -O mode and without the -p preserve modes flag, mask out setuid/setgid bits in scp1 sink. - CVE-2026-35385...

CVE-2025-29949

CVE-2025-29949 is an AMD ASP Boot Loader issue limited to legacy recovery mode. The connected documents confirm insufficient input parameter sanitization in the ASP Boot Loader, which could allow an out-of-bounds write that corrupts Secure DRAM and may cause a denial of service. Affected software...

CVE-2025-29949

Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: iommu/vt-d: debugfs: Fixed the legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR might be uninitialized or zero in that case, and may cause errors like: - Oops: General...

CVE-2025-68697

n8n is an open source workflow automation platform. Prior to version 2.0.0, in self-hosted n8n instances where the Code node runs in legacy non-task-runner JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node...

Exposed Dangerous Method or Function

Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function in the Code node when running in legacy JavaScript execution mode. An attacker can access or modify files on the host system with the same privileges as the application process by invoking internal...

CVE-2022-50720

In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and Extended APIC or x2APIC. X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped APIC interface in favor...

SUSE CVE-2025-40155

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR maybe uninitialized or zero in that case and may cause oops like: Oops: general protection fault,...

CVE-2025-40155

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR maybe uninitialized or zero in that case and may cause oops like: Oops: general protection fault,...

EUVD-2025-124928

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b. SSPTPTR maybe uninitialized or zero in that case and may cause oops like: Oops: general protection fault,...