39 matches found
EUVD-2023-60022
In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b4ef9 "mm/sparse-vmemmap: improve memory savings for compound devmaps" added support for using optimized vmmemap for devdax devices. But how vmemmap...
CVE-2023-53686
In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if socket lookup has failed. Also we should call tracehandshakecmddoneerr before releasing the file, otherwise dereferencing...
CVE-2025-38486
In the Linux kernel, the following vulnerability has been resolved: soundwire: Revert "soundwire: qcom: Add setchannelmap api support" This reverts commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch broke Dragonboard 845c sdm845. I see: Unexpected kernel BRK exception at EL1 Internal...
CVE-2025-38486 soundwire: Revert "soundwire: qcom: Add set_channel_map api support"
In the Linux kernel, the following vulnerability has been resolved: soundwire: Revert "soundwire: qcom: Add setchannelmap api support" This reverts commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch broke Dragonboard 845c sdm845. I see: Unexpected kernel BRK exception at EL1 Internal...
CVE-2025-38486 soundwire: Revert "soundwire: qcom: Add set_channel_map api support"
In the Linux kernel, the following vulnerability has been resolved: soundwire: Revert "soundwire: qcom: Add setchannelmap api support" This reverts commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch broke Dragonboard 845c sdm845. I see: Unexpected kernel BRK exception at EL1 Internal...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Now treats platformmax consistently as a control value. This change is reflected in commit 9bdd10d57a88 “ASoC: ops: Shifted test values in sndsocputvolsw by +min”, and some additional related updates have been made...
DEBIAN-CVE-2025-37889
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platformmax as control value This reverts commit 9bdd10d57a88 "ASoC: ops: Shift tested values in sndsocputvolsw by +min", and makes some additional related updates. There are two ways the platformmax...
DEBIAN-CVE-2022-49844
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...
DEBIAN-CVE-2022-49379
In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was timing out when deferredprobetimeout was non-zero 1. This was because ipautoconfig initcall times out waiting for the network interfac...
CVE-2024-57952
CVE-2024-57952 affects the Linux kernel through a revert of the libfs offset-dir fix, restoring prior behavior that could hide directory entries when the offset allocator wraps. Public docs in the SUSE/OpenSUSE advisories note this as a fix delivered via kernel updates (openSUSE-SU-2025-20081-1) ...
CLSA-2025-1738170565 vim: Fix of 5 CVEs
CVE-2023-2610: limit the text length to MAXCOL - CVE-2023-4735: don't overflow buf2, check size in for loop - CVE-2023-4750: check buffer is valid before accessing it - CVE-2023-4752: validate buffer before accessing it - CVE-2023-4781: disallow exchanging windows when textlock is active - Drop...
UBUNTU-CVE-2024-53127
In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf "mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K" increased the maxreqsize, even for 4K pages, causing various issues: - Panic...
SUSE CVE-2024-42102
In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wbdirtylimits, again" Patch series "mm: Avoid possible overflows in dirty throttling". Dirty throttling logic assumes dirty limits in page units fit into 32-bits. This patch...
UBUNTU-CVE-2023-52657
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver reboot and power off cycles...
UBUNTU-CVE-2024-29895
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the $pollerid used ...
USN-6055-2 ruby2.3, ruby2.5, ruby2.7 regression
USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Ruby...
CLSA-2022-1667512639 Fix CVE(s): CVE-2016-3709
SECURITY UPDATE: Possible cross-site scripting vulnerability in libxml2 - debian/patches/CVE-2016-3709.patch: Revert commit 960f0e27 that has some problems - CVE-2016-3709 Fix parser termination from "Double hyphen within comment" error...
USN-3621-2 ruby1.9.1, ruby2.0 regression
USN-3621-1 fixed vulnerabilities in Ruby. The update caused an issue due to an incomplete patch for CVE-2018-1000074. This update reverts the problematic patch pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Ruby incorrectly...
Fedora 19 : qt-4.8.5-15.fc19 (2013-22932)
Qt Project Security Advisory: XML Entity Expansion Denial of Service CVE-2013-4549 See also http://lists.qt-project.org/pipermail/announce/2013-December/000036.ht ml In addition, this update : - adds support for the aarch64 architecture, - fixes QTBUG-35459, a too low character limit for XML...