
820 matches found

SUSE Linux
added 2025/06/30 2:32 p.m., 2 views

Security update for sudo

This update for sudo fixes the following issues: CVE-2025-32462: Fixed a possible local privilege escalation via the --host option (bsc#1245274). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you...

CVSS 7.3, AI score 9.3, EPSS 0.30014
Exploits 12, References 4
Information Security Automation
added 2025/06/26 3:05 p.m., 4 views

I added support for ALT Linux OVAL content in Linux Patch Wednesday

I added support for ALT Linux OVAL content in Linux Patch Wednesday. Now I track when specific CVEs were fixed in ALT Linux packages and take that into account when generating the monthly bulletins. The more data sources on patched vulnerabilities in Linux distributions are used, the more accurate...

AI score 7.2
Exploits 0
SUSE CVE
added 2025/05/09 3:23 a.m., 1 view

SUSE CVE-2025-37813

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround. This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed it will, some 0.4% of time...

CVSS 5.5, AI score 6.5, EPSS 0.00065
Exploits 0, References 20
OSV
added 2025/04/01 4:15 p.m., 1 view

DEBIAN-CVE-2025-21929

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove(). During the rmmod operation for the intel_ishtp_hid driver, a use-after-free issue can occur in the hid_ishtp_cl_remove() function. The function hid_ishtp_cl_deinit() is called...

CVSS 7.8, AI score 5.9, EPSS 0.00021
Exploits 0, References 1
Debian
added 2025/03/31 9:39 p.m., 16 views

[SECURITY] [DLA 4102-1] linux-6.1 security update

Debian LTS Advisory DLA-4102-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 31, 2025 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.129-1deb11u1 CVE ID : CVE-2024-26596 CVE-2024-40945 CVE-2024-42069 CVE-2024-42122 CVE-2024-45001 CVE-2024-4772...

CVSS 7.8, AI score 6.7, EPSS 0.00193
Exploits 1
Tenable Nessus
added 2025/03/20 12:00 a.m., 6 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-57890)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57890 advisory. - In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow...

CVSS 5.5, AI score 6, EPSS 0.00013
Exploits 0, References 2
OSV
added 2024/12/29 12:15 p.m., 1 view

DEBIAN-CVE-2024-56721

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum_1386_microcode array. The erratum_1386_microcode array requires an empty entry at the end. Otherwise x86_match_cpu_with_stepping() will continue iterate the array after it ended. Add an empty entry to...

CVSS 7.1, AI score 5.6, EPSS 0.0001
Exploits 0, References 1
SUSE Linux
added 2024/10/31 2:33 p.m., 0 views

Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001361 fixes several issues. The following security issues were fixed: CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)...

CVSS 7.8, AI score 8.2, EPSS 0.00022
Exploits 0, References 16
Information Security Automation
added 2023/11/05 6:39 p.m., 172 views

October 2023: back to Positive Technologies, Vulristics updates, Linux Patch Wednesday, Microsoft Patch Tuesday, PhysTech VM lecture

October 2023: back to Positive Technologies, Vulristics updates, Linux Patch Wednesday, Microsoft Patch Tuesday, PhysTech VM lecture. Hello everyone! October was an interesting and busy month for me. I started a new job, worked on my open source Vulristics project, and analyzed vulnerabilities...

CVSS 10, AI score 9.3, EPSS 0.944
Exploits 151
SUSE CVE
added 2023/02/15 3:42 a.m., 2 views

SUSE CVE-2021-29972

A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox 90...

CVSS 8.8, AI score 8.9, EPSS 0.00407
Exploits 1, References 4
ThreatPost
added 2018/05/18 6:23 p.m., 14 views

Threatpost News Wrap Podcast for May 18

Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell discuss the week’s information security news, including some interesting new malware, a Linux patch that made waves, social engineering gambits and a major banking theft from the second-largest economy in Latin America...

AI score 0.9
Exploits 0, References 1
OpenVAS
added 2016/06/03 12:00 a.m., 38 views

Oracle MySQL Multiple Unspecified Vulnerabilities - 15 (Jun 2016) - Linux

Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql";...

CVSS 6.8, AI score 6.6, EPSS 0.01077
Exploits 0, References 5
securityvulns
added 2015/05/05 12:00 a.m., 69 views

AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%

A security issue in the Linux ASLR implementation which affects some AMD processors has been found. The issue affects all Linux processes, even if they are not using shared libraries (statically compiled). The problem appears because some mmapped objects (VDSO, libraries, etc.) are poorly randomized in a...

AI score 0.9
Exploits 0
ATTACKERKB
added 2014/06/28 3:55 p.m., 3 views

CVE-2014-2613

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via unknown vectors...

CVSS 9, AI score 5.6, EPSS 0.00216
Exploits 1, References 4
securityvulns
added 2010/02/02 12:00 a.m., 37 views

iDefense Security Advisory 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability

iDefense Security Advisory 02.01.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 01, 2010 I. BACKGROUND RealPlayer is an application for playing various media formats, developed by RealNetworks Inc. Since late 2003, Real Player has been based on the open-source Helix Player. More...

CVSS 9.3, AI score 0.1, EPSS 0.07358
Exploits 1
Prion
added 2008/11/06 3:55 p.m., 6 views

Code injection

linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap and (b) /tmp/nightly temporary files, related to the (1) maysnap and (2) maytest scripts...

CVSS 6.9, AI score 6.9, EPSS 0.00025
Exploits 1, References 7, Affected Software 1
UbuntuCve
added 2008/11/06 3:55 p.m., 14 views

CVE-2008-4966

linux-patch-openswan 2.4.12 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/snap and (b) /tmp/nightly temporary files, related to the (1) maysnap and (2) maytest scripts...

CVSS 6.9, AI score 6, EPSS 0.00025
Exploits 1, References 1
securityvulns
added 2004/09/15 12:00 a.m., 61 views

SUS 2.0.2 local root vulnerability

LSS Security Advisories http://security.lss.hr --- Title : SUS 2.0.2 local root vulnerability Advisory ID : LSS2004-09-01 Date : September 14th, 2004 Advisory URL: : http://security.lss.hr/index.php?page=details&ID=LSS-2004-09-01 Impact : Any user can obtain root privileges Risk level : High...

AI score 0.7
Exploits 0
Packet Storm
added 1999/09/19 12:00 a.m., 21 views

patch_for_ipc_vuln.txt

Subject: Re: KKIS19990914.004b: ShareDream - shared memory - ipc vulnerability To: [email protected] Attached is a trivial Linux-2.2.12 patch which adds a procfs entry for tuning the limit of shared memory allocable. /proc/sys/kernel/shmmax Max number of shared memory pages Attached is...

AI score 7.4
Exploits 0
Exploit DB
added 1998/06/01 12:00 a.m., 37 views

AMD K6 Processor - Denial of Service

source: https://www.securityfocus.com/bid/105/info A bug in Advance Micro Devices K6 processor allows non-privileged code to crash the machine. Under Linux 2.1.x a bug stops this vulnerability. $ cat a.s .text .align 4096 / r1 / .globl start start: movl start, %edi / S1 / cmpb 0x80000000%edi,%dl ...

AI score 7.4
Exploits 0