Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...

The vulnerability of the a6xx_gpu_init() function in the drivers/gpu/drm/msm/adreno/a6xx_gpu.c kernel of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the a6xxgpuinit function in the drivers/gpu/drm/msm/adreno/a6xxgpu.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...

Envoy 安全漏洞

Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in Envoy versions prior to 1.33.1, prior to 1.32.4, prior to 1.31.6, and prior to 1.30.10, which stems from a lifecycle issue in the extproc HTTP filter that could cause a crash...

ChuanhuChatGPT 资源管理错误漏洞

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. ChuanhuChatGPT suffers from a denial of service vulnerability that stems from the use of an insecure regular expression. An attacker can...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-068)

The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-068 advisory. A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong...

PT-2025-18444

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use after free bug was detected by KASAN in the Linux kernel, specifically in the drm/imagination module. The issue occurs when the fragment job is being prepared by the GPU scheduler...

CVE-2025-20142

A vulnerability in the IPv4 access control list ACL feature and quality of service QoS policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...

hrtimers: Handle CPU state correctly on hotplug

...

cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU

...

The vulnerability of the System Management Mode (SMM) mode of AMD microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the System Management Mode SMM mode of AMD microprogramming processors is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2025-20141

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. This vulnerability ...

CVE-2025-20142

A vulnerability in the IPv4 access control list ACL feature and quality of service QoS policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...

CVE-2025-20142

A vulnerability in the IPv4 access control list ACL feature and quality of service QoS policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...

CVE-2025-20142

Cisco IOS XR Software for ASR 9000 Series Routers, including ASR 9902/9903, contains a vulnerability in the IPv4 ACL and QoS policy handling that affects line cards. Malformed IPv4 packets processed when an IPv4 ACL or QoS policy is applied can cause network processor errors, triggering a line-ca...

CVE-2025-20141

CVE-2025-20141 affects Cisco IOS XR Software Release 7.9.2. The vulnerability arises from incorrect handling of packets punted from a line card to the route processor, enabling an unauthenticated adjacent attacker to disrupt control plane traffic on multiple IOS XR platforms. Exploitation involve...

CVE-2025-20141 Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerabillity

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. This vulnerability ...

AMD Processors 安全漏洞

AMD Processors is a processor from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Processors that stems from a microcode signature verification bypass that could lead to an attacker elevating privileges...

CVE-2024-52923

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS...

CVE-2024-52924

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration...

CVE-2024-50600

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOPKEEPALIVEOFFLOAD leads to out-of-bounds access. An attacker can send a malformed message to the target through the Wi-Fi...