ROS-20260408-73-0028

A vulnerability in the drivers/bus component of the Linux operating system kernel is related to memory re-release. Exploitation of the vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause denial of service...

Advisory ROSA-SA-2026-3227

software: qemu 7.2.22 OS: ROSA-CHROME unaffected versions = qemu-7.2.22-1 affected versions qemu-7.2.22-1 CVE-ID: CVE-2023-3019 BDU-ID: 2024-04883 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the e1000e component of the QEMU server is related to DMA re-entry. Exploitation of the vulnerability...

ROS-20260202-73-0036

A vulnerability in the pciregisterhostbridge function of the Linux operating system kernel is related to memory re-release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7305

A vulnerability in the uvcstatusinit function of the Linux operating system kernel is associated with a memory re-release error. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected information...

ROS-20260119-7387

A vulnerability in the usbgcmdwork and botcmdwork functions of the USB driver drivers/usb/gadget/function/ftcm.c of the Linux kernel is related to memory re-release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Advisory ROSA-SA-2025-3063

Software: libarchive 3.3.3 OS: ROSA Virtualization 2.1 unaffected versions = libarchive-3.3.3.3-6.0.1.rv3 affected versions libarchive-3.3.3.3-6.0.1.rv3 CVE-ID: CVE-2025-5914 BDU-ID: CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the archivereadformatrarseekdata function of the Libarchive...

ROS-20251006-01

A vulnerability in the certtool utility of the GnuTLS transport layer security library is related to an operation exceeding the buffer boundaries. operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20250929-05

A vulnerability in the Libarchive library is related to a data bounds checking error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code Windows operating system Libarchive library vulnerability is related to integer overflow. Exploitation of the vulnerability cou...

ROS-20250924-09

The sftpdecodechanneldatatopacket function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability in libssh library's sshgetfingerprinthash function is...

ROS-20250430-02

A vulnerability in the libavformat/westwoodvqa.c component of the FFmpeg multimedia library is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service using a specially crafted VQA file FFmpeg multimedia library...

ROS-20241016-01

Vulnerability of nvmet-tcp component of Linux kernel is related to dereferencing of NULL pointer in the nvmettcpinstallqueue function in drivers/nvme/target/tcp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in iwldeallocucode function in...

ROS-20241015-13

A vulnerability in the libceph component of the Linux kernel is related to incorrect input validation of the in the getreply and prepnextsparseread functions in net/ceph/osdclient.c, in the decrypttail and preparereadtailplain in net/ceph/messengerv2.c, in sizeoffooter, readpartialsparsemsgdata,...

ROS-20240627-03

A vulnerability in the QEMU hardware emulator is related to a memory re-release error. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by performing a DMA re-entry...

ROS-20240423-11

A vulnerability in the Libvirt virtualization management daemon is related to memory re-release. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service. integrity, and cause a denial of service...

Advisory ROSA-SA-2024-2321

software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-4.src.rpm CVE-ID: CVE-2023-28484 BDU-ID: 2023-03298 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlSchemaFixupComplexType xmlschemas.c function of the Libxml2 library is related to null pointer dereferencing...

Advisory ROSA-SA-2023-2319

software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-4.src.rpm CVE-ID: CVE-2023-28484 BDU-ID: 2023-03298 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlSchemaFixupComplexType xmlschemas.c function of the Libxml2 library is related to null pointer dereferencing...

ROS-20231009-04

Vulnerability of the nftsetcatchallflush function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the re-release of previously freed memory of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the...

ROS-20231009-02

Vulnerability of the nftsetcatchallflush function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel is related to the re-release of previously freed memory of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the...

ROS-20230418-05

A vulnerability in the OpenSSL cryptographic library is related to a boundary error in the PEMreadbioex function. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted PEM file to an application, cause a memory re-release error, and perform a typing...

Advisory ROSA-SA-2023-2127

Software: openssh 7.4 OS: rosa-server79 packageevrstring: openssh-7.4p1-21 CVE-ID: CVE-2023-25136 BDU-ID: 2023-00711 CVE-Crit: CRITICAL CVE-DESC: A vulnerability in the options.kexalgorithms component of the OpenSSH cryptographic security tool server is associated with a memory re-release error...