PT-2025-40125

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the drm/vmwgfx module related to cursor handling. Insufficient validation of the copybox size for snooped cursors could lead to memory copy...

PT-2025-42272

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow issue exists in the Linux kernel’s SCSI target core configuration file system. The issue stems from the use of snprintf to write into a buffer named buf within the targ...

kernel security update

3.10.0-1160.119.1.0.12 - scsi: lpfc: Use memcpy for BIOS version CVE-2025-38332 Orabug: 38414589 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 Orabug: 38414589...

kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : net-tools (SUSE-SU-2025:03260-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03260-1 advisory. Security issues fixed: - CVE-2025-46836: missing bounds check in getname may lead to a stack buffer...

DEBIAN-CVE-2023-53434

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add custom memory copy implementation for i.MX DSP Cores The IRAM is part of the HiFi DSP. According to hardware specification only 32-bits write are allowed otherwise we get a Kernel panic. Therefore add...

UBUNTU-CVE-2023-53434

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add custom memory copy implementation for i.MX DSP Cores The IRAM is part of the HiFi DSP. According to hardware specification only 32-bits write are allowed otherwise we get a Kernel panic. Therefore add...

CVE-2023-53434 remoteproc: imx_dsp_rproc: Add custom memory copy implementation for i.MX DSP Cores

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add custom memory copy implementation for i.MX DSP Cores The IRAM is part of the HiFi DSP. According to hardware specification only 32-bits write are allowed otherwise we get a Kernel panic. Therefore add...

Security update for net-tools

This update for net-tools fixes the following issues: Security issues fixed: CVE-2025-46836: missing bounds check in getname may lead to a stack buffer overflow bsc1243581. Avoid unsafe use of memcpy in ifconfig bsc1248687. Prevent overflow in ax25 and netrom bsc1248687. Fix stack buffer overflow...

SUSE-SU-2025:03260-1 Security update for net-tools

This update for net-tools fixes the following issues: Security issues fixed: - CVE-2025-46836: missing bounds check in getname may lead to a stack buffer overflow bsc1243581. - Avoid unsafe use of memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom bsc1248687. - Fix stack buffer...

SUSE SLES12 Security Update : net-tools (SUSE-SU-2025:03245-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03245-1 advisory. Security issues fixed: - Avoid unsafe use of memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom bsc1248687. - Fix stack buffer...

Security update for net-tools

This update for net-tools fixes the following issues: Security issues fixed: Avoid unsafe use of memcpy in ifconfig bsc1248687. Prevent overflow in ax25 and netrom bsc1248687. Fix stack buffer overflow in parsehex bsc1248687. Fix stack buffer overflow in procgenfmt bsc1248687. Other issues fixed:...

SUSE CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

CVE-2023-53320

CVE-2023-53320 (Linux kernel) relates to scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info(). The patch fixes four issues in mpi3mr_get_all_tgt_info(): (1) valid entry length now uses the correct header size (sizeof(u64) instead of sizeof(u32)); (2) kern_entrylen no longer subtracts one from nu...

CVE-2023-53320 scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info()

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2144)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave.CVE-2022-49557 A cross-privilege Spectre v2 vulnerability allows attackers...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2134)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave.CVE-2022-49557 A cross-privilege Spectre v2 vulnerability allows attackers...

AlmaLinux 9 : kernel (ALSA-2025:15661)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15661 advisory. kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: scsi: lpfc: Use memcpy for BIOS version CVE-2025-38332 kernel:...

SUSE CVE-2022-50325

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...