Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990862)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990862 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiexgetprivbyid mwifiexgetprivbyid returns the pri...

xorg: xmayland: Use-after-free in XPresentNotify structure creation

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

DEBIAN-CVE-2025-12863

A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...

CVE-2025-12863

...

PT-2025-45506

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description A flaw exists in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function manages document pointers during XML node movements between documents. Improper handling of...

Oracle Linux 10 : qt6-qtsvg (ELSA-2025-19772)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-19772 advisory. 6.8.1-1.1 - Fix CVE-2025-10729: Prevent dangling pointers from misplaced elements Resolves: RHEL-119697 Tenable has extracted the preceding description block...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989518 advisory. In the Linux kernel, the following vulnerability has been resolved: sysv: don't call sbbread with pointerslock held syzbot is reporting sleep in atomic context in Sy...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990136)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990136 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989445 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver...

xorg: xmayland: Use-after-free in XPresentNotify structure creation

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is resized...

SUSE-SU-2025:3910-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 - CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: rose: Fixed dangling neighbor pointers in rosertdevicedown. There are two bugs in rosertdevicedown that can lead to use-after-free situations: 1. The loop variable t-count is modified within the loop, which can cause the loop ...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: genirq/irqsim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc instead of kmalloc when allocating the simulation work context. Otherwise the pointers contain random content...

SUSE SLES15 Security Update : poppler (SUSE-SU-2025:3900-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3900-1 advisory. - CVE-2025-43718: Fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files allow...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43718: Fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files allows for stack exhaustion and denial of service bsc1250908. CVE-2025-52885: Fixed raw pointers can lead to dangling...

SUSE-SU-2025:3900-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-43718: Fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files allows for stack exhaustion and denial of service bsc1250908. - CVE-2025-52885: Fixed raw pointers can lead to dangling...

[SECURITY] Fedora 43 Update: git-lfs-3.7.1-1.fc43

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server...

[SECURITY] Fedora 41 Update: git-lfs-3.7.1-1.fc41

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2025:3779-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3779-1 advisory. - CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processin...