SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2026:0445-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0445-1 advisory. - CVE-2026-0665: Added PIRQ bounds check in xenphysdevmappirq to avoid an out-of-bounds heap. bsc1256484 Other fixes: -...

Security update for qemu

This update for qemu fixes the following issues: CVE-2026-0665: Added PIRQ bounds check in xenphysdevmappirq to avoid an out-of-bounds heap. bsc1256484 Other fixes: Fixed that QEMU migration fails if a qemu-vdagent channel is present in the VM bsc1257474 Patch Instructions: To install this SUSE...

SUSE-SU-2026:0445-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2026-0665: Added PIRQ bounds check in xenphysdevmappirq to avoid an out-of-bounds heap. bsc1256484 Other fixes: - Fixed that QEMU migration fails if a qemu-vdagent channel is present in the VM bsc1257474...

CVE-2025-12679

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption PBE key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. Note: The vulnerability is only triggered duri...

PT-2026-5694

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption PBE key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. Note: The vulnerability is only triggered duri...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35854)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35854 advisory. - In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix...

MiracleLinux 4 : libvirt-0.9.10-21.1.0.1.AXS4 (AXSA:2012-655:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-655:03 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd...

Linux Distros Unpatched Vulnerability : CVE-2025-71078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded...

SUSE-SU-2025:4474-1 Security update 5.0.6 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

Security update 5.0.6 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

Linux Distros Unpatched Vulnerability : CVE-2025-68248

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new...

Maintenance update for Multi-Linux Manager 5.1.1

Description: This update fixes the following issues: Multi-Linux-Manager-Proxy-SLE-release: Update for the release packages for fixing the EOL Fixed migration issue bsc1243486 proxy-helm was updated fromv version 5.1.7 to 5.1.9: Version 5.1.9 Chart rebuilt to the newest version with updated...

CVE-2025-40006

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. removeinodesinglefolio will unmap the folio if the folio is still mapped. However, it's called without folio lock. If the folio is...

Linux Distros Unpatched Vulnerability : CVE-2024-6717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory...

Linux Distros Unpatched Vulnerability : CVE-2025-38640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nfhookrunbpf. syzbot reported that the netfilter bpf prog can be...

Linux Distros Unpatched Vulnerability : CVE-2025-38158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after...

Linux Distros Unpatched Vulnerability : CVE-2025-38283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hisiaccvfiopci: bugfix live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device...

CVE-2025-54566

hw/pci/pciesriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327...

CVE-2025-38283

CVE-2025-38283 : In the Linux kernel, a bug in the hisi_acc_vfio_pci live migration path could cause a NULL data address during device data migration when the VF device driver is not loaded in the guest. This leads to access errors on the destination during live migration recovery. The fix disabl...

SUSE CVE-2025-38158

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...