MiracleLinux 4 : kernel-2.6.32-696.1.1.el6 (AXSA:2017-1639:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1639:03 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operatin...

SUSE-SU-2025:3947-1 Security update for jasper

This update for jasper fixes the following issues: - Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high bsc1247901. - CVE-2025-8836: Added some missing range checking on several coding parameters in the...

Security update for sccache

This update for sccache fixes the following issues: CVE-2025-55159 - updated slab with the uninit memory access fix bsc1248003 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Fedora 43 : bird (2025-182c305561)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-182c305561 advisory. BIRD 3.1.4 2025-09-22 BGP: Fixed crash on Notification with a message, CVE-2025-59688 BGP: Fixed invalid memory access in pending TX flush BGP: Fixed a rare...

SUSE-SU-2025:02510-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 - CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak bsc1246534 - CVE-2025-53101: Fixed input manipulation ma...

CVE-2025-38292

The CVE-2025-38292 issue affects the Linux kernel’s wifi driver ath12k, where in ath12k_dp_rx_msdu_coalesce() the code may access rxcb->is_continuation after freeing the associated skb, causing a use-after-free. The fix is to locally copy the is_continuation value from rxcb so further referenc...

CVE-2022-50094 spmi: trace: fix stack-out-of-bound access in SPMI tracing functions

In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions tracespmiwritebegin and tracespmireadend both call memcpy with a length of "len + 1". This leads to one extra byte being read beyond the end of the specified...

CVE-2022-50094

CVE-2022-50094 relates to Linux kernel spmi trace: trace_spmi_write_begin() and trace_spmi_read_end() use memcpy() with length len + 1, causing a potential stack-out-of-bounds read. A KASAN report demonstrates an out-of-bounds read in trace_event_raw_event_spmi_read_end. The issue affects the SPM...

CVE-2025-38027

In the Linux kernel, the following vulnerability has been resolved: regulator: max20086: fix invalid memory access max20086parseregulatorsdt calls ofregulatormatch using an array of struct ofregulatormatch allocated on the stack for the matches argument. ofregulatormatch calls...

libX11 security update

An update is available for libX11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libX11 packages contain the core X11 protocol client library. Security...

CVE-2025-37782

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2022-49799

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if setsyntheventprintfmt failed, then both traceremoveeventcall and unregistertraceevent will be called, which means the traceeventcall will call...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-802)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-802 advisory. In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while configuring 'power' and 'submitqueues' CVE-2024-36478 In the Linux kernel, the...

CVE-2025-21784

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bail out when failed to load fw in pspinitcapmicrocode In function pspinitcapmicrocode, it should bail out when failed to load firmware, otherwise it may cause invalid memory access...

CVE-2022-49174

In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4mbmarkbb with flexbg with fastcommit In case of flexbg feature which is by default enabled, extents for any given inode might span across blocks from two different block group. ext4mbmarkbb only reads the bufferhead...

CVE-2024-56619

CVE-2024-56619 — Linux kernel nilfs2 . A potential out-of-bounds memory access in nilfs_find_entry() when an inode’s i_size is large/corrupted. Root cause: i_size upper 32 bits were lost due to a local variable type, causing underflow in end-address calculation. Fix: replace the offending local v...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50148)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50148 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory- access...

CVE-2024-26670 arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD Currently the ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory access, but is immediately...

CVE-2024-26664 hwmon: (coretemp) Fix out-of-bounds memory access

In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Fix out-of-bounds memory access Fix a bug that pdata-cpumap is set before out-of-bounds check. The problem might be triggered on systems with more than 128 cores per package...

SUSE CVE-2019-25160

In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipsov4maplvlvalid, the other in netlblbitmapwalk. Both errors are embarassingly simple, and the fixes are straightforward. As ...