SUSE-SU-2025:02433-1 Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002330 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. - CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. - CVE-2024-53173:...

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173: NFSv4....

Crypto-Assisted Graph Degree Sequence Release under Local Differential Privacy

Whitepaper called Crypto-Assisted Graph Degree Sequence Release Under Local Differential Privacy...

tracing: Fix oob write in trace_seq_to_buffer()

...

jbd2: remove wrong sb->s_sequence check

...

White-Basilisk: a Hybrid Model for Code Vulnerability Detection

The proliferation of software vulnerabilities presents a significant challenge to cybersecurity, necessitating more effective detection methodologies. We introduce White-Basilisk, a novel approach to vulnerability detection that demonstrates superior performance while challenging prevailing...

EinHops: Einsum Notation for Expressive Homomorphic Operations on RNS-CKKS Tensors

Fully Homomorphic Encryption FHE is an encryption scheme that allows for computation to be performed directly on encrypted data, effectively closing the loop on secure and outsourced computing. Data is encrypted not only during rest and transit, but also during processing. However, FHE provides a...

SUSE CVE-2025-38262

In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...

CLSA-2025-1752087582 Fix CVE(s): CVE-2025-31651

SECURITY UPDATE: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability - debian/patches/CVE-2025-31651.patch: Enforces rewrite rules to preventing bypass of security constraints in specific configurations - CVE-2025-31651...

kernel: drm/amdgpu: add error handle to avoid out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the sdmav40irqidtoseq return -EINVAL, the process should be stop to avoid out-of-bounds read, so directly return -EINVAL...

Automated Attack Testflow Extraction from Cyber Threat Report Using BERT for Contextual Analysis

In the ever-evolving landscape of cybersecurity, the rapid identification and mitigation of Advanced Persistent Threats APTs is crucial. Security practitioners rely on detailed threat reports to understand the tactics, techniques, and procedures TTPs employed by attackers. However, manually...

50M_CTF_Writeup

It is an offensive tool for CTF Capture The Flag challenges. The repository contains a writeup for a $50 million CTF challenge, which includes a binary image that needs to be decoded to reveal a hidden message. The binary image is encoded with a repeating sequence of binary digits, which can be...

DEBIAN-CVE-2025-38224

In the Linux kernel, the following vulnerability has been resolved: can: kvaserpciefd: refine error prone echoskbmax handling logic echoskbmax should define the supported upper limit of echoskb allocated inside the netdevice's priv. The corresponding size value provided by this driver to...

RVISmith: Fuzzing Compilers for RVV Intrinsics

Modern processors are equipped with single instruction multiple data SIMD instructions for fine-grained data parallelism. Compiler auto-vectorization techniques that target SIMD instructions face performance limitations due to insufficient information available at compile time, requiring...

The vulnerability of the FreeScout support service management system lies in the improper implementation of the sequence of actions to be performed, allowing a intruder to gain unauthorized access to the system’s functional capabilities.

The vulnerability of the FreeScout support service management system is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the system’s functions...

The vulnerability of the FreeScout support service management system lies in the improper implementation of the sequence of actions to be performed, allowing a intruder to gain unauthorized access to the system’s functional capabilities.

The vulnerability of the FreeScout support service management system is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the system’s functions...

The vulnerability of the FreeScout support service management system lies in the improper implementation of the sequence of actions to be performed, allowing a intruder to gain unauthorized access to the system’s functional capabilities.

The vulnerability of the FreeScout support service management system is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the system’s functions...

The vulnerability of the FreeScout support service management system lies in the improper implementation of the sequence of actions to be performed, allowing a intruder to gain unauthorized access to the system’s functional capabilities.

The vulnerability of the FreeScout support service management system is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the system’s functions...

The vulnerability of the FreeScout support service management system lies in the improper implementation of the sequence of actions to be performed, allowing a malicious user to gain unauthorized access to the application’s functions.

The vulnerability of the FreeScout support service management system is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to the application’s functions...

The vulnerability of the FreeScout support service management system lies in the improper implementation of the sequence of actions to be performed, allowing a malicious user to gain unauthorized access to the application’s functions.

The vulnerability of the FreeScout support service management system is related to the improper implementation of the sequence of actions to be performed. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to the application’s functions...