CLSA-2025-1754553172 kernel: Fix of 17 CVEs

net: ch9200: fix uninitialised access during miinwayrestart CVE-2025-38086 - jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted CVE-2022-50126 - kernfs: fix potential NULL dereference in kernfsremove CVE-2022-50148 - md-raid10: fix KASAN warning CVE-2022-50211 - xhci: Fix...

Important: kernel

Issue Overview: There is a potential deadlock in the eBPF subsystem in the Linux kernel. The default sysctl configuration "kernel.unprivilegedbpfdisabled" on Amazon Linux does not allow unprivileged users to use eBPF. CVE-2023-0160 A denial of service problem was found, due to a possible recursiv...

promise webpam 2.2.0.13 - Multiple Vulnerabilities

No description provided by source. Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities Vendor: Promise Technology, Inc. Product web page: http://www.promise.com Affected version: 2.2.0.13 Summary: WebPAM is a web based Promise Array Management Software that's easy-to use, designed to simplif...

Areca Raid Storage Manager Default Admin Credentials (HTTP)

The remote Areca Raid Storage Manager web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

promise webpam 2.2.0.13 - Multiple Vulnerabilities

Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities Vendor: Promise Technology, Inc. Product web page: http://www.promise.com Affected version: 2.2.0.13 Summary: WebPAM is a web based Promise Array Management Software that's easy-to use, designed to simplify RAID storage management. WebPAM i...