SUSE-SU-2025:20590-1 Security update for xz

This update for xz fixes the following issues: - CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414...

Security update for xz

This update for xz fixes the following issues: CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc1240414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

CVE-2025-21464

Information disclosure while reading data from an image using specified offset and size parameters...

Linux Distros Unpatched Vulnerability : CVE-2021-46940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset functio...

Linux Distros Unpatched Vulnerability : CVE-2022-50221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid...

Linux Distros Unpatched Vulnerability : CVE-2022-49785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Add overflow check in sgxvalidateoffsetlength sgxvalidateoffsetlength function...

Linux Distros Unpatched Vulnerability : CVE-2025-22039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix overflow in dacloffset bounds check The dacloffset field was originally typed as int and used in an unchecked addition, which could overflow and bypa...

Linux Distros Unpatched Vulnerability : CVE-2021-47605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vdusedevioctl The config.offset comes from the user. There...

Linux Distros Unpatched Vulnerability : CVE-2025-38195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LoongArch: Fix panic caused by NULL-PMD in hugepteoffset ERROR INFO: CPU 25 Unable to handle kernel paging request at virtual address 0x0 ... Call Trace:...

Linux Distros Unpatched Vulnerability : CVE-2021-47604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks len but it does...

Integer Overflow or Wraparound

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the offset/bytesize validation in SharedMemoryManager::GetMemoryInfo. An attacker ca...

CVE-2025-21464

Information disclosure while reading data from an image using specified offset and size parameters...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets, which stems from the fact that reading data from an image using specified offset and size parameters could lead to information disclosure...

Lightweight Fault Detection Architecture for NTT on FPGA

Post-Quantum Cryptographic PQC algorithms are mathematically secure and resistant to quantum attacks but can still leak sensitive information in hardware implementations due to natural faults or intentional fault injections. The intent fault injection in side-channel attacks reduces the reliabili...

PT-2025-35996

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the BPF subsystem related to jump offset calculation in tailcall functionality. An extra pass during BPF compilation can skip JIT context...

SUSE CVE-2025-38466

In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAPSYSADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the requested offset, but d...

LoongArch: Return NULL from huge_pte_offset() for invalid PMD

...

SUSE CVE-2025-38195

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix panic caused by NULL-PMD in hugepteoffset ERROR INFO: CPU 25 Unable to handle kernel paging request at virtual address 0x0 ... Call Trace: hugepteoffset+0x3c/0x58 hugetlbfollowpagemask+0x74/0x438...

SUSE CVE-2025-38196

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: validate buffer count with offset for cloning syzbot reports that it can trigger a WARNON for kmalloc attempt that's too big: WARNING: CPU: 0 PID: 6488 at mm/slub.c:5024 kvmallocnodenoprof+0x520/0x640 mm/slub.c:5024...

CVE-2025-38221

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset Punching a hole with a start offset that exceeds maxend is not permitted and will result in a negative length in the truncateinodepartialfolio function while truncating the page cache,...