Security Bulletin: Vulnerability in jackson-core affects IBM Cloud Pak System[CVE-2025-52999]

Summary Vulnerability found for potential stackoverflowError in jackson-core affects IBM Cloud Pak System. Vulnerability was addressed by IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental "streaming" parser and generator...

GNU Binutils Resource Management Error Vulnerability

GNU Binutils is a binary toolset developed by the GNU Project to handle operations such as target files, assembly and linking. A memory leak vulnerability exists in GNU Binutils version 2.44, which originates from a processdebuginfo function handling exception in the binutils/dwarf.c file in the...

GNU Binutils（GNU Binary Utilities） 安全漏洞

GNU Binutils is a binary toolset developed by the GNU Project to handle operations such as target files, assembly and linking. A memory leak vulnerability exists in GNU Binutils version 2.44, which originates from a processdebuginfo function handling exception in the binutils/dwarf.c file in the...

SUSE CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

CVE-2025-2329

In high traffic environments, a Silicon Labs OpenThread RCP see impacted versions fails to clear the SPI transmit buffer and may send a corrupt packet over SPI to its host, causing the host to reset the RCP which results in a denial of service...

CVE-2025-38418

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc-cleantable after rprocattach fails When rproc-state = RPROCDETACHED is attached to remote processor through rprocattach, if rprochandleresources returns failure, then the clean table should be...

DEBIAN-CVE-2025-38419

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rprochandleresources fails in rprocattach When rproc-state = RPROCDETACHED and rprocattach is used to attach to the remote processor, if rprochandleresources returns a failure, th...

CVE-2025-38419

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rprochandleresources fails in rprocattach When rproc-state = RPROCDETACHED and rprocattach is used to attach to the remote processor, if rprochandleresources returns a failure, th...

CVE-2025-38419

In CVE-2025-38419, Linux kernel remoteproc core fixes a resource leak: when rproc_attach() runs with rproc->state = RPROC_DETACHED and rproc_handle_resources() fails, resources allocated by imx_rproc_prepare() were not released. The mitigation is a code change in rproc_attach() to route to cle...

CVE-2025-38418 remoteproc: core: Release rproc->clean_table after rproc_attach() fails

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc-cleantable after rprocattach fails When rproc-state = RPROCDETACHED is attached to remote processor through rprocattach, if rprochandleresources returns failure, then the clean table should be...

CVE-2025-38418

CVE-2025-38418 affects the Linux kernel remoteproc subsystem. The root cause is a failure path in rproc_attach() where, if rproc_handle_resources() fails while the remote processor is in state RPROC_DETACHED, rproc->clean_table is not released, leading to a memory leak (observed in a kworker t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not disabling interrupts before resetting the GPU...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not verifying the validity of numcpu provided by userspace...

CLSA-2025-1753374470 dovecot: Fix of CVE-2024-23184

CVE-2024-23184: restrict address headers to mitigate excessive CPU usage and prevent potential DoS attacks...

USN-7651-5 linux-raspi-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

The vulnerability of AMD’s microprogramming software for processors lies in the insufficient protection of operational data, which allows attackers to disclose protected information.

The vulnerability of AMD’s microprogramming software is related to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability in the `arch/x86/power/cpu.c` module of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the arch/x86/power/cpu.c module of Linux operating systems is related to incorrect initialization of resources due to discrepancies in values before and after the hibernation mode. Exploiting this vulnerability can allow an attacker to cause a system failure...

USN-7651-2 linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

The vulnerability of the smp_processor_id() function in the drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c kernel of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the smpprocessorid function in the drivers/vfio/pci/hisilicon/hisiaccvfiopci.c module of the Linux operating system is related to the assignment of the NUL address value due to incorrect loading of drivers in the guest operating system. Exploiting this vulnerability can allow...

The vulnerability of the smp_processor_id() function in the drivers/perf/amlogic/meson_dr_pmu_core.c kernel of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the smpprocessorid function in the drivers/perf/amlogic/mesondrpmucore.c kernel of the Linux operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure...