Security update for kernel-livepatch-MICRO-6-0-RT_Update_6

This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 CVE-2025-38181: calipso: fix null-ptr-deref in...

AZL-67650 CVE-2025-39873 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

CVE-2025-39873

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

CVE-2025-39873 can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

CVE-2025-39873 can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

CVE-2025-39873

CVE-2025-39873 (Linux kernel) : The vulnerability concerns the xilinx_can driver where xcan_write_frame() may use a previously freed skb. The root cause is that can_put_echo_skb() can take ownership of the SKB, which may be freed during or after the call, while xcan_write_frame() continues to tou...

kernel: net: usb: smsc75xx: Limit packet length to skb->len

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be larger than the actual socket buffer length up to 9026 bytes. In such case the cloned skb passed up the network stack will leak kerne...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the xcanwriteframe function continuing to use a freed SKB after calling canputechoskb, which could lead to...

SUSE CVE-2025-39852

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 When tcpaocopyallmatching fails in tcpv6synrecvsock it just exits the function. This ends up causing a memory-leak: unreferenced object 0xffff0000281a8200 size...

[SECURITY] Fedora 41 Update: podman-tui-1.8.0-1.fc41

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

[SECURITY] Fedora 42 Update: podman-tui-1.8.0-1.fc42

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

[SECURITY] Fedora 43 Update: podman-tui-1.8.0-1.fc43

podman-tui is a terminal user interface for Podman v4 and v5. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

lerobot 安全漏洞

lerobot is a robot programming library open-sourced by Hugging Face. A security vulnerability exists in huggingface LeRobot 0.3.3 and earlier versions, which stems from a lack of authentication in the ZeroMQ Socket Handler component and could lead to an attack within the local network...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerability (USN-7758-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7758-1 advisory. It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB...

Ubuntu: Security Advisory (USN-7758-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7758-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-10772 huggingface LeRobot ZeroMQ Socket lekiwi_remote.py missing authentication

A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability is an unknown functionality of the file lerobot/common/robotdevices/robots/lekiwiremote.py of the component ZeroMQ Socket Handler. The manipulation leads to missing authentication. The attack can onl...

sslyze

It is an offensive tool for scanning SSL/TLS configurations. The primary target of this tool is the SSL/TLS configuration of a server, which can be analyzed to ensure it uses strong encryption settings and is not vulnerable to known TLS attacks. The tool can connect to a server to perform the...

ax25: properly unshare skbs in ax25_kiss_rcv()

...

Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()

...