103 matches found
perl security update
An update is available for perl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Perl is a high-level programming language that is commonly used for system...
CVE-2025-38359
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix inatomic handling in dosecurestorageaccess Kernel user spaces accesses to not exported pages in atomic context incorrectly try to resolve the page fault. With debug options enabled call traces like this can be seen:...
CVE-2025-38097
In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrmstate - enacpsk - netns Since...
CVE-2022-50059
In the Linux kernel, the following vulnerability has been resolved: ceph: don't leak snaprwsem in handlecapgrant When handlecapgrant is called on an IMPORT op, then the snaprwsem is held and the function is expected to release it before returning. It currently fails to do that in all cases which...
CVE-2025-48976
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
CVE-2024-22654
tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c...
CVE-2025-46712
Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 for OTP-27, OTP-26.2.5.12 for OTP-26, and OTP-25.3.2.21 for OTP-25, Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This...
CVE-2025-37767
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE...
CVE-2025-37784
In the Linux kernel, the following vulnerability has been resolved: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request The ICSS IEP driver tracks perout and pps enable state with flags. Currently when disabling pps and perout signals during icssiepexit, results in NULL...
CVE-2022-49888
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...
CVE-2025-37756
In the Linux kernel, the following vulnerability has been resolved: net: tls: explicitly disallow disconnect syzbot discovered that it can disconnect a TLS socket and then run into all sort of unexpected corner cases. I have a vague recollection of Eric pointing this out to us a long time ago...
CVE-2025-3647
A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve...
CVE-2025-22038
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero numsubauth before subauth is accessed Access psid-subauthpsid-numsubauth - 1 without checking if numsubauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure numsubauth !...
GHSA-4HFP-H4CW-HJ8P vulnerabilities
Vulnerabilities for packages: zot, flux, cert-manager-fips, harbor, helm-operator-fips, helm-docs, kubescape, helm-push, k8ssandra-client-fips, k9s, consul-k8s, cert-manager-cmctl-fips, pluto, chart-testing, flux-source-controller, rancher-helm, cluster-api-helm-controller, flux-fips, zarf,...
CVE-2025-21946
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds in parsesecdesc If osidoffset, gsidoffset and dacloffset could be greater than smbntsd struct size. If it is smaller, It could cause slab-out-of-bounds. And when validating sid, It need to check it includ...
CVE-2025-24209
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2024-53099 affecting package kernel for versions less than 5.15.176.3-1
CVE-2024-53099 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...
CVE-2025-21725
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORKINTERFACEINFO::LinkSpeed will always be set by the server, so the client must handle any values and then prevent oopses like below from happening: Oops...
CVE-2022-3114 affecting package kernel 5.15.202.1-1
CVE-2022-3114 affecting package kernel 5.15.202.1-1. This CVE either no longer is or was never applicable...
CVE-2021-3847 affecting package kernel 5.10.189.1-1
CVE-2021-3847 affecting package kernel 5.10.189.1-1. No patch is available currently...