PT-2025-25854

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue is related to the drm/amd/display component, where it's possible to generate more than 50 steps in hwss build fast...

PT-2025-25986 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A resource leak issue has been identified in the Linux kernel, specifically in the octeontx2-af module. The problem occurs during the teardown sequence in the FLR handler, where it...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an undersized blocksequence array, which could lead to a buffer overflow...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase blocksequence array size Why It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence...

TencentOS Server 3: edk2 (TSSA-2024:0393)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0393 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

OESA-2025-1628 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix the crash in hot unplug with vpvdpa While unplugging the vpvdpa device, it triggers a kernel panic The root cause is: vdpamgmtdevunregister will...

OESA-2025-1627 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix the crash in hot unplug with vpvdpa While unplugging the vpvdpa device, it triggers a kernel panic The root cause is: vdpamgmtdevunregister will...

Amazon Linux 2 : libtasn1 (ALAS-2025-2886)

The version of libtasn1 installed on the remote host is prior to 4.10-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2886 advisory. When an input DER data contains a large number of SEQUENCE OF or SET OF elements, decoding the data and searching a specific elemen...

Medium: libtasn1

Issue Overview: When an input DER data contains a large number of SEQUENCE OF or SET OF elements, decoding the data and searching a specific element in it take quadratic time to complete. This could be utilized for a remote DoS attack by presenting a crafted certificate to the network peer...

Learning Obfuscations of LLM Embedding Sequences: Stained Glass Transform

The high cost of ownership of AI compute infrastructure and challenges of robust serving of large language models LLMs has led to a surge in managed Model-as-a-service deployments. Even when enterprises choose on-premises deployments, the compute infrastructure is typically shared across many tea...

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale System are now included (CVE-2023-52486 CVE-2023-52881)

Summary The following vulnerabilities that can affect IBM Storage Scale System and could provide weaker than expected security are now fixed CVE-2023-52486 CVE-2023-52881. Vulnerability Details CVEID:CVE-2023-52881 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved:...

UBUNTU-CVE-2025-38004

In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime updates The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the...

OESA-2025-1583 nss security update

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

OESA-2025-1582 nss security update

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

CVE-2025-21479

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands...

Membership Inference Attacks on Sequence Models

Sequence models, such as Large Language Models LLMs and autoregressive image generators, have a tendency to memorize and inadvertently leak sensitive information. While this tendency has critical legal implications, existing tools are insufficient to audit the resulting risks. We hypothesize that...

CVE-2025-21479

CVE-2025-21479 is a memory corruption vulnerability in Qualcomm Adreno GPU drivers caused by unauthorized command execution in a GPU micronode during a specific command sequence. Public details indicate it affects Adreno A7xx devices (e.g., Snapdragon 8 Gen 1+ era) and can enable kernel memory re...

Medium: libtasn1

Issue Overview: When an input DER data contains a large number of SEQUENCE OF or SET OF elements, decoding the data and searching a specific element in it take quadratic time to complete. This could be utilized for a remote DoS attack by presenting a crafted certificate to the network peer...

OESA-2025-1549 nss security update

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

CVE-2024-3332

A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device...