212 matches found
RHEL 9 : kernel-rt (RHSA-2025:21136)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21136 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
CVE-2025-39981
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmtpending being freed while still being processed like in the following trace, in order to fix mgmtpendingvalid is introduce and use to check...
CVE-2025-39981 Bluetooth: MGMT: Fix possible UAFs
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmtpending being freed while still being processed like in the following trace, in order to fix mgmtpendingvalid is introduce and use to check...
PT-2025-42256
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to Bluetooth MGMT handling, potentially leading to use-after-free UAF conditions. This issue arises from the improper management of mgmt pending...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987390)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987390 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ibcorecleanup KASAN reported a null-ptr-deref error: KASAN:...
Malicious code in user-mgmt (npm)
The package user-mgmt was found to contain malicious code...
MAL-2025-27468 Malicious code in ng2-id-mgmt (npm)
The package ng2-id-mgmt was found to contain malicious code...
SUSE CVE-2025-38117
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmtpending list with its own lock This uses a mutex to protect from concurrent access of mgmtpending list which can cause crashes like: ==================================================================...
AZL-64556 CVE-2025-38117 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmtpending list with its own lock This uses a mutex to protect from concurrent access of mgmtpending list which can cause crashes like: ==================================================================...
DEBIAN-CVE-2025-38117
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmtpending list with its own lock This uses a mutex to protect from concurrent access of mgmtpending list which can cause crashes like: ==================================================================...
PT-2025-27703
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc7 Description: A vulnerability in the Linux kernel's Bluetooth management has been resolved by protecting the mgmt pending list with its own lock, preventing crashes due to concurrent access. The issue...
Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50127: net: sched: fix use-after-free in tapriochange bsc1232908. CVE-2024-50279: dm...
SUSE-SU-2025:20450-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 - CVE-2024-50301:...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Added a check for mgmtallocskb in mgmtdeviceconnected. Added a check on the return value of mgmtallocskb in mgmtdeviceconnected to prevent null pointer dereferencing...
Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005591 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc123909...
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238324. CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900. CVE-2024-58013:...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Rea...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-49855: nbd: fix race between timeout and normal completion bsc1232900 CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: CVE-2025-21680: pktgen: avoid out-of-bounds access in getimixentries bsc1236701 CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync bsc1239096 CVE-2024-57996: netsched: schsfq:...
Malicious code in sess-mgmt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29c16cd4681ce57c3517c8eb02325b85b1d23b80065b782616b42f03b524a289 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...