Security Bulletin: This Power System update is being released to address CVE-2025-52497

Summary When Linux Secure Boot is enabled, a malformed public key certificate in the grubdb or grubdbx can cause a DoS blocking Linux partition boot or make a limited amount of partition memory available. Vulnerability Details CVEID:CVE-2025-52497 DESCRIPTION: Mbed TLS before 3.6.4 has a PEM...

Security Bulletin: This Power System update is being released to address CVE-2025-49087

Summary Mbed-TLS is used by partition firmware for Linux secure boot. This update is being released to mitigate any potential impacts to Linux partitions with secure boot enabled. Vulnerability Details CVEID:CVE-2025-49087 DESCRIPTION: In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing...

The vulnerability of the lp_setup() function in the Secure Boot environment loader of the Linux operating system allows a hacker to cause a system failure.

The vulnerability of the lpsetup function, a loader for the Secure Boot mechanism in Linux kernel, arises from writing beyond buffer boundaries. The Linux driver/char/lp.c code does not perform boundary checking on the parportnr array. Exploiting this vulnerability could allow an attacker to caus...