Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings venv-salt-minion: Fix the typo causing buiding EL9 bundle without binary dependencies Backport security patches for Salt vendored tornado: CVE-2025-67724: missing validation of supplied reason phrase...

CVE-2025-68776 net/hsr: fix NULL pointer dereference in prp_get_untagged_frame()

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

SUSE-SU-2025:4475-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-90...

Security update 5.0.6 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

Security update 5.1.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

Security update 5.1.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

SUSE-SU-2025:4448-1 Security update 5.1.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

EUVD-2025-11267

Malicious code in bioql PyPI...

SUSE-SU-2025:02499-1 Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 - CVE-2024-38824: Fixed directory...

CVE-2025-38204 jfs: fix array-index-out-of-bounds read in add_missing_indices

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in addmissingindices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and return -EIO if the check fails. Also make jfsreaddir...

CVE-2025-38082 gpio: virtuser: fix potential out-of-bound write

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix potential out-of-bound write If the caller wrote more characters, count is truncated to the max available space in "simplewritetobuffer". Check that the input size does not exceed the buffer size. Write a zero...

PT-2025-27954 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the version that includes the fix for the max sge overflow in smb extract folioq to rdma Description: A vulnerability has been resolved in the Linux kernel related to the max sge overflow in smb extract folioq t...

PT-2025-22232 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue was found in the Linux kernel, specifically in the bcm2835-camera module. This occurred because the dev-v4l2 dev was not initialized before being passe...

RLSA-2024:9192 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVE-2024-58054

In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712 module: Unable to handle kernel paging request at virtual address 00007375746174db Mem abort...

Linux Distros Unpatched Vulnerability : CVE-2022-49339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: ipv6: unexport init-annotated seg6hmacinit EXPORTSYMBOL and init is a bad combination...

CVE-2022-49581

In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow in begetmoduleeeprom becmdreadporttransceiverdata assumes that it is given a buffer that is at least PAGEDATALEN long, or twice that if the module supports SFF 8472. However, this is not always the cas...

CVE-2022-49536

The CVE-2022-49536 entry concerns the Linux kernel SCSI LPFC deadlock in I/O completion and abort handling under heavy stress (500+ vports). Affected component is the lpfc driver within the SCSI subsystem. The root cause is a deadlock between the lpfc_cmd->buf_lock and phba->hbalock during ...

CVE-2022-49444 module: fix [e_shstrndx].sh_size=0 OOB access

In the Linux kernel, the following vulnerability has been resolved: module: fix eshstrndx.shsize=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if info-secstringsstrhdr-shsize - 1 != '\0' BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...

CVE-2024-36413

SuiteCRM is an open-source Customer Relationship Management CRM software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the import module error view allows for a cross-site scripting attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue...