AZL-79592 CVE-2025-69645 affecting package binutils 2.37-20

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

CVE-2025-38591

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...