EUVD-2024-55358

Glutton V1 service endpoints were exposed without any authentication on Gotham stacks, this could have allowed users that did not have any permission to hit glutton backend directly and read/update/delete data. The affected service has been patched and automatically deployed to all Apollo-managed...

CVE-2024-49587 Glutton V1 endpoints missing authentication

Glutton V1 service endpoints were exposed without any authentication on Gotham stacks, this could have allowed users that did not have any permission to hit glutton backend directly and read/update/delete data. The affected service has been patched and automatically deployed to all Apollo-managed...

CVE-2024-49587

CVE-2024-49587 concerns Glutton V1: unauthenticated endpoints on Gotham stacks could let attackers access backend data (read/update/delete). The issue is confirmed across Red Hat/NVD/CVE listings and related feeds, with a documented root cause of exposed service endpoints and no user authenticati...

[SECURITY] Fedora 42 Update: mod_md-2.6.6-1.fc42

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

[SECURITY] Fedora 43 Update: mod_md-2.6.7-1.fc43

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...

SUSE CVE-2025-68170

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree devres managed rdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc rdev is managed by devres and we shouldn't be calling kfree on it. This fixes things exploding if the...

EUVD-2025-203726

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree devres managed rdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc rdev is managed by devres and we shouldn't be calling kfree on it. This fixes things exploding if the...

CVE-2025-68222

In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32pinctrldesc s32pinctrldesc is allocated with devmkmalloc, but not all of its fields are initialized. Notably, numcustomparams is used in pinconfgenericparsedtconfig, resulting in...

UBUNTU-CVE-2025-68181

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drmputdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc drmputdev'ing to trigger it to be free'd should be done by devres. However, drmputdev is still in the probe...

CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...

CVE-2025-68193

Summary (CVE-2025-68193) : The Linux kernel’s drm/xe/guc driver introduced a devm-managed release action to safely tear down CTB during buffer object release when XE_BO_FLAG_GGTT_INVALIDATE is set, preventing a use-after-free scenario that could crash the system. The issue arose from premature CT...

CVE-2025-68172 crypto: aspeed - fix double free caused by devm

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68172 crypto: aspeed - fix double free caused by devm

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

PT-2025-51606

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the drm/xe/guc subsystem. Specifically, a premature release of the CTB buffer object BO when a BO is allocated with the XE BO FLAG GGTT INVALIDATE...

SUSE CVE-2023-53807

In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clkwzrdregisterdivider Smatch detected this potential error pointer dereference clkwzrdregisterdivider. If devmclkhwregister fails then it sets "hw" to an error pointer and then dereferences it o...

EUVD-2025-202287

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required...

EUVD-2023-60142

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...

UBUNTU-CVE-2023-53854

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...

DEBIAN-CVE-2023-53807

In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clkwzrdregisterdivider Smatch detected this potential error pointer dereference clkwzrdregisterdivider. If devmclkhwregister fails then it sets "hw" to an error pointer and then dereferences it o...

SUSE CVE-2025-40317

In the Linux kernel, the following vulnerability has been resolved: regmap: slimbus: fix buscontext pointer in regmap init calls Commit 4e65bda8273c "ASoC: wcd934x: fix error handling in wcd934xcodecparsedata" revealed the problem in the slimbus regmap. That commit breaks audio playback, for...