NewStart CGSL MAIN 6.06 (SP) : gcc Vulnerability (NS-SA-2026-0008)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has gcc packages installed that are affected by a vulnerability: - The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the...

EUVD-2019-6763

Malware in sbrugna...

EUVD-2020-26035

Malware in sbrugna...

EUVD-2022-27591

Malicious code in bioql PyPI...

EUVD-2021-7905

Malicious code in bioql PyPI...

EUVD-2023-34856

Malicious code in bioql PyPI...

gcc-toolset-12-gcc bug fix update

An update is available for gcc-toolset-12-gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc-toolset-12-gcc package contains the GNU Compiler Collectio...

RHEL 7 : kernel-alt (RHSA-2018:0180)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0180 advisory. The kernel-alt packages provide the Linux kernel version 4.x. Security Fixes: A flaw was found in the patches used to fix the 'dirtycow' vulnerabilit...

CVE-2025-21869

In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II power9 with kernel 6.13: 12.028126 ==================================================================...

CVE-2025-21869 powerpc/code-patching: Disable KASAN report during patching via temporary mm

In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports the following KASAN hit on Talos II power9 with kernel 6.13: 12.028126 ==================================================================...

CVE-2025-21869

Summary: CVE-2025-21869 is tied to a Linux kernel PowerPC code-patching issue where KASAN reports could trigger during patching on certain hardware (Talos II with kernel 6.13). Root cause: patching instructions could write into user-address-space memory under KASAN instrumentation, causing a KASA...

Linux Distros Unpatched Vulnerability : CVE-2020-4788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating...

CVE-2024-57999

CVE-2024-57999 affects the PowerPC/pseries IOMMU in the Linux kernel where MMIO ranges for Dynamic DMA Window are not correctly marked, allowing DMA buffers to be mapped in 64‑bit DDW ranges and potentially causing OOPS during boot. Root causes identified include: 1) using int for an address (uns...

CVE-2024-57999 powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW Power Hypervisor can possibily allocate MMIO window intersecting with Dynamic DMA Window DDW range, which is over 32-bit addressing. These MMIO pages needs to be...

UBUNTU-CVE-2022-49703

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...

CVE-2022-49703 scsi: ibmvfc: Store vhost pointer during subcrq allocation

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...

Security Bulletin: This Power System update is being released to address CVE-2024-45656

Summary IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service privileges to the FSP. Vulnerability Details CVEID:CVE-2024-45656 DESCRIPTION: IBM Flexible Service Processor FSP has static credentials which may allow network users to gain service...

GCC: Flawed Code Generation

Background The GNU Compiler Collection includes front ends for C, C++, Objective-C, Fortran, Ada, Go, D and Modula-2 as well as libraries for these languages libstdc++,.... Description A vulnerability has been discovered in GCC. Please review the CVE identifier referenced below for details. Impac...

CVE-2024-41070

The CVE-2024-41070 issue is a use-after-free in KVM on PPC Book3S HV. The code path kvm_spapr_tce_attach_iommu_group() reads stt from tablefd, then fdputs the fd and uses stt after the fd is released, allowing a race that frees stt via release_spapr_tce_table() (RCU) and can lead to UAF even with...

CVE-2024-41070 KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group()

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible use-after-free UAF in kvmspaprtceattachiommugroup. It looks up stt from tablefd, but then continues to use it after doing fdput on the returne...