SUSE-SU-2025:0548-1 Security update for libtasn1
This update for libtasn1 fixes the following issues: - CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete. bsc1236878...
CVE-2025-21179 DHCP Client Service Denial of Service Vulnerability
...
Azure Linux 3.0 Security Update: bind / dhcp (CVE-2024-1737)
The version of bind / dhcp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1737 advisory. - Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same...
Security Bulletin: IBM Maximo Application Suite uses path-to-regexp-0.1.7.tgz which is vulnerable to CVE-2024-45296.
Summary: IBM Maximo Application Suite uses path-to-regexp-0.1.7.tgz which is vulnerable to CVE-2024-45296. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details: CVEID: CVE-2024-45296 DESCRIPTION: path-to-regexp turns path strings into a regular...
UBUNTU-CVE-2024-9631
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow...
CVE-2024-9631 Inefficient Algorithmic Complexity in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 13.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, where viewing diffs of MR with conflicts can be slow...
CVE-2024-9631
CVE-2024-9631 concerns an inefficiency in GitLab CE/EE where viewing diffs for merge requests with conflicts can be slow across all versions starting from 13.6 up to 17.2.9, from 17.3 up to 17.3.5, and from 17.4 up to 17.4.2. This is described as an algorithmic/processing slowdown impacting avail...
CVE-2024-9631
Removed by vendor...
CVE-2024-57897 drm/amdkfd: Correct the migration DMA map direction
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following warning. Before finalize this solution,...
Lower than expected performance with AMD CPUs and DOD
Lower than expected performance when using AMD CPUs on the VDA and Citrix Display Only Driver (DOD) which could result in perceived lag. The lag might be more noticeable with multiple monitors and is only observed with AMD CPUs. These symptoms might be observed with CVAD versions prior to 2212 or...
CVE-2024-54120
Race condition vulnerability in the distributed notification module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...
PT-2025-42743
Name of the Vulnerable Software and Affected Versions: golang versions 1.15; golang versions 1.19. Description: The software experiences quadratic complexity during the parsing of certain invalid inputs when handling PEM encoded data. This can lead to performance issues. Recommendations: Update to a...
PT-2025-42740
Name of the Vulnerable Software and Affected Versions: golang versions 1.15; golang versions 1.19. Description: The software exhibits quadratic complexity when checking name constraints in X.509 certificate validation. This can lead to performance issues during certificate verification. Recommendatio...
CVE-2024-53190 wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with uevent_show() on stack trace. That specific issue was addressed by another commit [0], but even with that fix applied...
samba bug fix update
An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Samba is an open-source implementation of the Server Message Block (SMB) protocol...
EulerOS 2.0 SP12 : unbound (EulerOS-SA-2024-2959)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to...
CVE-2024-52798
path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgra...
PT-2024-35449
Name of the Vulnerable Software and Affected Versions: path-to-regexp versions 0.1.x through 0.1.11. Description: The issue concerns a performance vulnerability in path-to-regexp, where certain inputs can generate regular expressions vulnerable to backtracking, leading to poor performance. This...
CVE-2024-47187
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to us...
RHEL 8 : kernel (RHSA-2024:5388)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5388 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: CVE-2024-36971 kernel: UAF in...