CVE-2024-47120 IBM Security Verify Information Queue code execution

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges...

CVE-2024-47120 IBM Security Verify Information Queue code execution

IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 could allow a privileged user to escalate their privileges and attack surface on the host due to the containers running with unnecessary privileges...

Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059204 fixes several issues. The following security issues were fixed: CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree twice bsc1244235. CVE-2025-38000: schhfsc:...

IBM Security Verify Information Queue 安全漏洞

IBM Security Verify Information Queue is a microservices architecture integration platform that leverages Kafka technology and a publish/subscribe model to integrate data between IBMSecurity products, acting as a cross-product data exchange hub. A denial of service vulnerability exists in IBM...

PT-2025-37095

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Information Queue versions 10.0.5 through 10.0.8 Description: IBM Security Verify Information Queue containers may run with unnecessary privileges, potentially allowing a privileged user to escalate their privileges and...

PT-2025-46621

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s blk-mq subsystem related to memory allocation. Specifically, allocating and freeing sched tags while a queue is frozen can lead to a deadlock. The iss...

IBM Security Verify Information Queue 安全漏洞

IBM Security Verify Information Queue is a microservices architecture integration platform that leverages Kafka technology and a publish/subscribe model to integrate data between IBMSecurity products, acting as a cross-product data exchange hub. An elevation of privilege vulnerability exists in I...

IBM Security Verify Information Queue 加密问题漏洞

IBM Security Verify Information Queue is an integration product from International Business Machines IBM, Inc. utilizes Kafka technology and a publish/subscribe model to integrate data between IBM Security products. A cryptographic issue vulnerability exists in IBM Security Verify Information Que...

PT-2025-37094

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Information Queue versions 10.0.5 through 10.0.8 Description: IBM Security Verify Information Queue utilizes cryptographic algorithms that are considered weaker than expected, potentially allowing an attacker to decrypt...

Linux Distros Unpatched Vulnerability : CVE-2017-0504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver...

PT-2025-37093

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Information Queue versions 10.0.5 through 10.0.8 Description: IBM Security Verify Information Queue versions 10.0.5, 10.0.6, 10.0.7, and 10.0.8 may allow a remote user to cause a denial of service due to improper handling ...

Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001023 fixes several issues. The following security issues were fixed: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. CVE-2025-38001: netsched: hfsc: Address...

SUSE-SU-2025:03109-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001034 fixes several issues. The following security issues were fixed: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address...

CVE-2025-36100

IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local us...

kernel: net/sched: Always pass notifications when child class becomes empty

A use-after-free UAF vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper CBS qdisc implementation schcbs. The vulnerability occurs because the CBS qdisc's reset function qdiscresetqueue only resets its internal queue but fails to reset its...

kernel: idpf: convert control queue mutex to a spinlock

In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2CAPMACFILTER enabled, the following warning is generated on module load: 324.701677 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578...

ALSA-2025:15429 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: udmabuf: fix a buf size overflow issue during udmabuf creation CVE-2025-37803 kernel: idpf: convert control queue mutex to a spinlock CVE-2025-38392 For more details about the security...

drm/amdkfd: Destroy KFD debugfs after destroy KFD wq

...

CVE-2025-36100

IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...

IBM MQ 安全漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ that stems from storing passwords in client configuratio...