CVE-2025-30205

kanidim-provision is a helper utility that uses kanidm's API to provision users, groups and oauth2 systems. Prior to version 1.2.0, a faulty function intrumentation in the optional kanidm patches provided by kandim-provision will cause the provisioned admin credentials to be leaked to the system...

CLSA-2025-1736470237 Fix of 32 CVEs

CVE-url: https://ubuntu.com/security/CVE-2021-47466 - mm, slub: fix potential memoryleak in kmemcacheopen CVE-url: https://ubuntu.com/security/CVE-2024-36968 - Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit Bionic update: upstream stable patchset 2021-06-23 LP: 1933375 // CVE- url:...

CLSA-2024-1733142968 Fix of 13 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-52614 - time: Introduce jiffies64tomsecs - PM / devfreq: Modify the indentation of transstat sysfs for readability - PM / devfreq: Do not show statistics if it's not ready. - PM / devfreq: Fix buffer overflow in transstatshow Bionic update: upstream...

CLSA-2024-1722535359 Fix of 18 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-25739 - ubi: Check for too small LEB size in VTBL code Bionic update: upstream stable patchset 2021-06-01 LP: 1930472 // CVE- url: https://ubuntu.com/security/CVE-2021-46960 - cifs: Return correct error code from smb2getenckey CVE-url:...

CLSA-2024-1716269479 Fix of 42 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmfcfg80211detach CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in...

CVE-2024-35784

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock with fiemap and extent locking While working on the patchset to remove extent locking I got a lockdep splat with fiemap and pagefaulting with my new extent lock replacement lock. This deadlock exists with our...

CVE-2024-35784

The CVE-2024-35784 entry concerns the Linux kernel: btrfs deadlock during fiemap/extent locking. Root cause: the extent lock was held for the entire fiemap traversal, risking pagefaults and deadlocks when fiemap data is copied to user space (mkwrite during mmap). Impact: potential deadlock in fil...

CVE-2024-4140

An excessive memory use issue CWE-770 exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts...

CVE-2021-47011 mm: memcontrol: slab: fix obtain a reference to a freeing memcg

In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use objcgroup APIs to charge kmem pages", v5. Since Roman's series "The new cgroup slab memory controller" applied. All slab objects are charged with t...

rpm security update

4.14.3-28.0.2 - Import additional patches to fix regressions with CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939 patchset Orabug: 36256318 4.14.3-28.0.1 - Fixed infinte loop for dbcreate with error check Orabug: 36202920 4.14.3-28 - Backport file handling code from rpm-4.19 to fix...

CVE-2023-45229

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IANA or IATA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

CVE-2023-45231

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

CLSA-2023-1695046791 Fix of 7 CVEs

Bionic update: upstream stable patchset 2022-12-01 LP: 1998542 // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections Bionic update: upstream stable patchset 2022-12-01 LP: 1998542 - Revert "x86/cpu: Add a steppings field to struct x86cpuid" - x86/cpufeature: Add facility to check for m...

Spotlight server-side Share Path Disclosure

Description As part of the Spotlight protocol, the initial request returns a path associated with the sharename targeted by the RPC request. Samba returns the real server-side share path at this point, as well as returning the absolute server-side path of results in search queries by clients. Kno...

shim security update

15.6-1.0.3 - Update shimx64.efi and shimia32.efi signed by Microsoft JIRA: OLDIS-16370 15.6-1.0.2 - Update to shim-unsigned v15.6.rc2 JIRA: OLDIS-16370 15.6-1.0.1 - Update to shim-unsigned v15.6.rc1 JIRA: OLDIS-16370 15.5-1.0.3 - Update vendor certs JIRA: OLDIS-16370 - Update oraclegrub2-sig-key...

llvm-toolset:ol8 security update

clang 12.0.1-4.0.1 - Use all available CPU cores for build - Recognize Oracle Linux distros OraBug: 29422714 12.0.1-4 - Trojan source clang-tidy patchset fix 12.0.1-3 - Trojan source clang-tidy patchset...

RHEL 8 : kernel-rt (RHSA-2020:1567)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1567 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Important: Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

bpftool, kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2020:0375 An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CentOS: Security Advisory for bpftool (CESA-2020:0375)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...