SUSE SLES15 / openSUSE 15 : Security update for the Linux Kernel (SUSE-SU-2026:1041-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1041-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255163. CVE-2023-53827: Bluetooth: L2CAP: Fix use-after-free in...

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.14-2.AXS4 (AXSA:2017-2465:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2465:03 advisory. Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990861)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990861 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafbtask In the pxafbprobe function, it calls the...

EUVD-2025-25545

Malicious code in bioql PyPI...

SUSE-SU-2025:20755-1 Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245401,bsc1245403: + docs: provide example3 for PAM and sshpwauth behavior 27 + fix: Make hotplug socket writable only by root 25 CVE-2024-11584 + fix: Don't attempt to identify non-x86 OpenStack instances LP:...

Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3 bsc1245401,bsc1245403: docs: provide example3 for PAM and sshpwauth behavior 27 fix: Make hotplug socket writable only by root 25 CVE-2024-11584 fix: Don't attempt to identify non-x86 OpenStack instances LP: 2069607...

CVE-2025-38657

CVE-2025-38657 affects the Linux kernel’s wifi/rtw89 MCC path. The vulnerability arises because the user-controlled link_id parsed via debugfs can exceed BITS_PER_LONG, causing shift wrapping and potentially an out-of-bounds access. The issue is mitigated by capping the value to IEEE80211_MLD_MAX...

CVE-2024-42131

A vulnerability was found in the Linux kernel's memory management subsystem where a lack of proper size checks on dirty limits can lead to situations where large dirty limits end up being larger than 32-bits, resulting in potential overflows and divisions by 0. This can cause memory corruption,...

CVE-2024-42131 mm: avoid overflows in dirty throttling logic

In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGESIZE units fit into 32-bit so that various multiplications fit into 64-bits. If limits end up bein...

PYSEC-2012-21

virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...