PT-2025-37333

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The Linux kernel contains a flaw related to ACPI processor performance object handling. A check for pr-performance was added in a previous commit, which prevented frequency QoS request...

AZL-67214 CVE-2025-39752 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: ARM: rockchip: fix kernel hang during smp initialization In order to bring up secondary CPUs main CPU write trampoline code to SRAM. The trampoline code is written while secondary CPUs are powered on at least that true for RK3188...

AZL-70807 CVE-2025-39744 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

CVE-2025-39752 ARM: rockchip: fix kernel hang during smp initialization

In the Linux kernel, the following vulnerability has been resolved: ARM: rockchip: fix kernel hang during smp initialization In order to bring up secondary CPUs main CPU write trampoline code to SRAM. The trampoline code is written while secondary CPUs are powered on at least that true for RK3188...

SUSE-SU-2025:03172-1 Security update for xen

This update for xen fixes the following issues: Security issues fixed: - CVE-2025-27466: NULL pointer dereference in the Viridian interface when updating the reference TSC area bsc1248807. - CVE-2025-58142: NULL pointer dereference in the Viridian interface due to assumption that the SIM page is...

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

Linux Distros Unpatched Vulnerability : CVE-2023-49141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper isolation in some IntelR Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local...

Linux Distros Unpatched Vulnerability : CVE-2022-24685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in...

Linux Distros Unpatched Vulnerability : CVE-2022-31618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin, where it can dereference a null pointer, which may lead to denial of...

SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2025:03116-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03116-1 advisory. - Intel CPU Microcode was updated to the 20250812 release bsc1248438 - CVE-2025-20109: Improper Isolation or Compartmentalization in the strea...

Linux Distros Unpatched Vulnerability : CVE-2018-14590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4Processor::ProcessFragments in Core/Ap4Processor.cpp. CVE-2018-14590 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2019-17528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from...

Linux Distros Unpatched Vulnerability : CVE-2011-1302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors...

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250812 release bsc1248438 CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable...

CVE-2025-0032

Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution...

CVE-2025-39729 crypto: ccp - Fix dereferencing uninitialized error pointer

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 sevplatforminitlocked error: we previously assumed 'error' could be null...

[SECURITY] Fedora 42 Update: yq-4.47.1-2.fc42

Yq is a portable command-line YAML, JSON, XML, CSV, TOML and properties processor...

CVE-2024-36342

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution...

CVE-2024-36346

Improper input validation in AMD Power Management Firmware PMFW could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition...

CVE-2024-36331

Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity...