CVE-2025-38236

In the Linux kernel, the following vulnerability has been resolved: afunix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unixstreamreadgeneric. The following sequences reproduce the issue: $ python3 from socket import s1, s2 = socketpairAFUNIX, SOCKSTREAM...

CVE-2025-38216

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 "iommu/vt-d: Add support for static identity domain" changed the context entry setup during domain attachment from a set-and-check policy to a...

CVE-2025-22062 sctp: add mutual exclusion in proc_sctp_do_udp_port()

In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in procsctpdoudpport We must serialize calls to sctpudpsockstop and sctpudpsockstart or risk a crash as syzbot reported: Oops: general protection fault, probably for non-canonical address...

CVE-2024-46845

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Only clear timer if a kthread exists The timerlat tracer can use user space threads to check for osnoise and timer latency. If the program using this is killed via a SIGTERM, the threads are shutdown one at a ti...

Security Update for Microsoft SharePoint Enterprise Server 2013 (KB5002235) farm-deployment

A security vulnerability exists in Microsoft SharePoint Enterprise Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Security Update for Microsoft Excel 2010 (KB4493222) 32-Bit Edition

A security vulnerability exists in Microsoft Excel 2010 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...