CLSA-2026-1769084608 mariadb: Fix of 5 CVEs

Updated to the 10.5.29 tarball - CVE-2025-30722: fix mariadb-dump wrong quoting character by using ' not " and using quoteforequal - CVE-2025-30693: fix incorrect undo logging for indexes on virtual columns by properly encoding/decoding large index IDs in InnoDB undo log records - CVE-2025-21490:...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992604)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992604 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnicsriovinit If vp alloc failed in...

EUVD-2001-1380

Malware in sbrugna...

UBUNTU-CVE-2022-50242

In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnicsriovinit If vp alloc failed in qlcnicsriovinit, all previously allocated vp needs to be freed...

CVE-2022-50242 drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()

In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnicsriovinit If vp alloc failed in qlcnicsriovinit, all previously allocated vp needs to be freed...

CVE-2023-53124

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportportadd Port is allocated by sasportallocnum and rphy is allocated by either sasenddevicealloc or sasexpanderalloc, all of which may return NULL. So we need to check the...

UBUNTU-CVE-2023-53124

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportportadd Port is allocated by sasportallocnum and rphy is allocated by either sasenddevicealloc or sasexpanderalloc, all of which may return NULL. So we need to check the...

SUSE CVE-2024-41098

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ataportalloc call in atahostalloc fails, atahostrelease will get called. However, the code in atahostrelease tries to free ataport struct members unconditionally, whi...

CVE-2024-41098

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error If the ataportalloc call in atahostalloc fails, atahostrelease will get called. However, the code in atahostrelease tries to free ataport struct members unconditionally, whi...

kernel: RDMA/srpt: Fix a use-after-free

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srptport from regular members into pointers. Allocate the LIO port data structures from inside srptmaketport and free these from inside srptmaketport. Keep...

Race Condition

github.com/kubernetes-sigs/aws-efs-csi-driver is vulnerable to race conditions. An attacker is able to trigger a race condition during concurrent TLS mounts because concurrent mount operations may allocate the same local port, leading to either failed mount operations or an inappropriate mapping ...

efs-utils and aws-efs-csi-driver have race condition during concurrent TLS mounts

Impact A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below, and aws-efs-csi-driver versions v1.4.7 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior t...

CVE-2022-46174

efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS...

Race condition

efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS...

Denial Of Service (DoS)

xen is vulnerable to denial of service. A guest OS user is able to crash the host OS due to incorrect error handling in an event-channel port allocation...

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0985-1 Rating: important References: 1027519 1172205 1173376 1173377 1173378 1173380 Cross-References: CVE-2020-0543 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 Affected Products: openSUSE Leap 15....

Fedora 32 : xen (2020-fbc13516af)

incorrect error handling in event channel port allocation leads to DoS XSA-317, CVE-2020-15566 1854465 inverted code paths in x86 dirty VRAM tracking leads to DoS XSA-319, CVE-2020-15563 1854463 xen: insufficient cache write-back under VT-d leads to DoS XSA-321, CVE-2020-15565 1854467 missing...

CVE-2020-15566

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: 1 port is already in use, 2 the memory allocation failed, or...

DEBIAN-CVE-2020-15566

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: 1 port is already in use, 2 the memory allocation failed, or...

ALPINE-CVE-2020-15566

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: 1 port is already in use, 2 the memory allocation failed, or...