[SECURITY] Fedora 44 Update: wireshark-4.6.4-2.fc44

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

CVE-2026-33281 Ella Core panics on invalid PDU Session IDs in NGAP messages

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing NGAP messages with invalid PDU Session IDs outside of 1-15. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected...

[SECURITY] Fedora 42 Update: wireshark-4.6.4-1.fc42

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

...

SUSE CVE-2026-25941

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory...

PT-2026-22266

Name of the Vulnerable Software and Affected Versions Systems utilizing WebSocket endpoints for the Open Charge Point Protocol OCPP affected versions not specified Description WebSocket endpoints lack proper authentication mechanisms, allowing attackers to perform unauthorized station impersonati...

kernel: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

CVE-2026-23112

CVE-2026-23112 affects the Linux kernel nvmet-tcp implementation. The issue in nvmet_tcp_build_pdu_iovec allows walking past cmd->req.sg when a PDU length/offset exceeds sg_cnt, causing bogus sg->length/offset usage and leading to _copy_to_iter() GPF/KASAN. The fix adds guards for sg_idx, r...

Linux Distros Unpatched Vulnerability : CVE-2026-23948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference when processing QUIC data in the SSLCIPHERfind function. An attacker can interrupt service by sending an unknown or unsupported cipher ID. Remediation Upgrade openssl to version 3.3.6, 3.4.4, 3.5.5, 3.6.1 or...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ReadFile function. An attacker can cause excessive CPU and memory consumption by supplying maliciously crafted TLV length values from an NFC or APDU source, leading to resourc...

[SECURITY] Fedora 43 Update: wireshark-4.6.3-1.fc43

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

MiracleLinux 3 : vnc-4.1.2-9.6AXS3 (AXSA:2009-21:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-21:01 advisory. Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running...

[SECURITY] Fedora 43 Update: wireshark-4.6.1-1.fc43

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

kernel: can: j1939: implement NETDEV_UNREGISTER notification handler

A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the npduisexpectedreply function. An attacker can cause a crash or misroute replies by sending specially crafted PDUs that trigger out-of-bounds reads. Remediation A fix was pushed into the master branch but not y...

SUSE-SU-2025:21108-1 Security update for kernel-livepatch-MICRO-6-0_Update_5

This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882 - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672 - CVE-2025-38616: tls: handle data...

EUVD-2025-35067

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service...

EUVD-2025-35063

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service...

CVE-2025-26782

An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service...