CVE-2025-21872
In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...
XenServer - Potential performance issues on imported Windows VMs
When importing Windows VMs into XenServer, for example by using the Conversion Manager virtual appliance or the OVF import functionality in XenCenter, in some circumstances these VMs may not have been optimized for peak performance, as they may be missing certain Viridian optimization flags. If y...
This Week in Spring – March 18th, 2025
Hi, Spring fans! I just got back from the amazing JavaOne show held in Redwood Shores. It was a fun, uproarious event and a great chance to reconnect with tons of friends, old and new. I love this community! One of the central highlights of this show? Java 24 is here, finally! And, as usual, we'v...
Improvements in Brute Force Attacks
New paper: "GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3." Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit...
Virtual Apps and Desktops - How to disable Microsoft Teams optimization
To disable HDX optimization for Microsoft Teams...
BIT-MARIADB-2023-52969
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2...
CVE-2025-21853
In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex to prevent races between map_freeze and memory mapping BPF map contents with writable permissions. The way we naively do this means we'll hold freeze_mutex...
AZL-58073 CVE-2023-52969 affecting package mariadb for versions less than 10.6.24-1
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2...
CVE-2023-52969
CVE-2023-52969 concerns MariaDB Server crash due to an empty backtrace log, observed across multiple branches (MariaDB Server 10.4–11.0.* and 11.0.*) and related to make_aggr_tables_info and optimize_stage2. Connected advisories confirm the issue as a crash vulnerability (not a remote code execut...
Android SPF Memory Issues
SPF in AOSP version 5.10 and 5.15 kernels can create dangling TLB entries by misdirecting TLB flushes on race with mremap. The AOSP 5.10/5.15 kernels contain a non-upstream memory management optimization called "Speculative Page Fault" (SPF). There have been a series of issues in this before, see...
Linux Distros Unpatched Vulnerability : CVE-2024-50263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks...
Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a denial of service (CVE-2024-47535)
Summary There is potentially a denial of service in Netty used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous...
Linux Distros Unpatched Vulnerability : CVE-2021-4440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/xen: Drop USERGS_SYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGS_SYSRET64 is used to return from a syscall via SYSRET,...
Linux Distros Unpatched Vulnerability : CVE-2023-52761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: VMAP_STACK overflow detection thread-safe commit 31da94c25aea riscv: add VMAP_STACK overflow detection added support for CONFIG_VMAP_STACK. If overflow is...
CVE-2025-21789 LoongArch: csum: Fix OoB access in IP checksum code for negative lengths
In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 "LoongArch: Add checksum optimization for 64-bit system" would cause an undefined shift and an out-of-bounds read. Commit 8bd795fedb84...
CVE-2025-21789
In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 "LoongArch: Add checksum optimization for 64-bit system" would cause an undefined shift and an out-of-bounds read. Commit 8bd795fedb84...
CVE-2025-27316
Cross-Site Request Forgery (CSRF) vulnerability in hosting.io JPG, PNG Compression and Optimization wp-image-compression allows Cross Site Request Forgery. This issue affects JPG, PNG Compression and Optimization: from n/a through <= 1.7.35...
WordPress JPG, PNG Compression and Optimization Plugin <= 1.7.35 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin JPG, PNG Compression and Optimization versions <= 1.7.35...
Malwarebytes introduces native ARM support for Windows devices
For the last four years, Malwarebytes has been protecting ARM-based machines running on Apple’s M-series processors. Now, we’ve expanded our protection range to include ARM-based Windows machines such as Copilot+ PCs, including Microsoft Surface Pro, Lenovo Yoga Slim and ThinkPad, and Dell...
[SECURITY] Fedora 40 Update: nginx-1.26.3-1.fc40
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...