CVE-2025-37949
In the Linux kernel, the following vulnerability has been resolved: xenbus: Use kref to track req lifetime Marek reported seeing a NULL pointer fault in the xenbus_thread callstack: BUG: kernel NULL pointer dereference, address: 0000000000000000 RIP: e030:__wake_up_common+0x4c/0x180 Call Trace:...
CVE-2025-37946
CVE-2025-37946 concerns the Linux kernel, specifically the s390 PCI subsystem. The issue arises from a duplicate pci_dev_put() in disable_slot() when a PF has child VFs, introduced during a change that added a lock to zpci_dev state. The extra pci_dev_put() can lead to a use-after-free if the pci...
CVE-2025-37945
In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsa_switch_suspend and dsa_switch_resume from their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz...
CVE-2025-37942
Removed by vendor...
CVE-2025-37937
In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds If dib8000_set_dds's call to dib8000_read32 returns zero, the result is a divide-by-zero. Prevent that from happening. Fixes the following warning with an UBSAN kernel...
CVE-2025-37935
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM If the mtk_poll_rx function detects the MTK_RESETTING flag, it will jump to release_desc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtk_rx_clean will process ...
CVE-2025-37932
In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_qlen_notify idempotent htb_qlen_notify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore, it is not idempotent and not friendly to its callers, like...
CVE-2025-37918
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue A NULL pointer dereference can occur in skb_dequeue when processing a QCA firmware crash dump on WCN7851 0489:e0f3. 93.672166 Bluetooth: hci0: ACL memdump size589824...
CVE-2025-37915
In the Linux kernel, the following vulnerability has been resolved: net_sched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of drr,...
CVE-2025-37914
In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of ets,...
CVE-2025-37913
In the Linux kernel, the following vulnerability has been resolved: net_sched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report [1], there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of qfq,...
CVE-2025-37912
In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr As mentioned in the commit baeb705fd6a7 "ice: always check VF VSI pointer values", we need to perform a null pointer check on the return value of ice_get_vf_vsi before using it...
CVE-2025-37900
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommu_copy_struct_from_user In the review for iommu_copy_struct_to_user helper, Matt pointed out that a NULL pointer should be rejected prior to dereferencing it:...
CVE-2025-30193
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of...
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow (bsc#1233678). CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service...
CVE-2025-30193
DNSdist (DNS load balancer) is affected by CVE-2025-30193 due to a vulnerability where unlimited queries on a single TCP connection can exhaust the stack and crash the process, causing DoS. Remediation is to upgrade to version 1.9.10. As a workaround, set a maximum number of TCP queries per conne...
Security update for helm
This update for helm fixes the following issues: helm was updated to version 3.17.3: Helm v3.17.3 is a security patch release. Users are strongly recommended to update to this release. Changelog: Unarchiving fix e4da497 (Matt Farina). Patch Instructions: To install this SUSE update use the SUSE...
PT-2025-23276 · Suse · Helm
This update for helm fixes the following issues: helm was updated to version 3.17.3: Helm v3.17.3 is a security patch release. Users are strongly recommended to update to this release. Changelog: Unarchiving fix e4da497 (Matt Farina)...
PT-2025-22135 · NetGear · Netgear Dgnd3700
Name of the Vulnerable Software and Affected Versions: Netgear DGND3700 version 1.1.00.15 1.00.15NA Description: A very critical issue was found, affecting the Basic Authentication component of the Netgear DGND3700. This issue leads to improper authentication and can be initiated remotely. The...
PT-2025-22370
Name of the Vulnerable Software and Affected Versions: ns backup extension for TYPO3 version 13.0.0 and earlier Description: The issue concerns a Predictable Resource Location in the ns backup extension for TYPO3. This allows an unauthenticated remote user to download created backups and...