Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005567 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection...

[slackware-security] expat

New expat packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/expat-2.7.0-i586-1slack15.0.txz: Upgraded. This update addresses a security issue: Fix crash from chaining a large number of entities...

SUSE-SU-2024:0298-1 Security update for squid

This update for squid fixes the following issues: - CVE-2023-50269: fixed X-Forwarded-For Stack Overflow. bsc1217654 - CVE-2024-23638: fixed Denial of Service attack against Cache Manager error responses. bsc1219131...

SUSE-SU-2023:3800-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. bsc1193880 - CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue...

SUSE-SU-2023:3721-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. bsc1193880 - CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue...

SUSE-SU-2023:3420-1 Security update for libcares2

This update for libcares2 fixes the following issues: - CVE-2022-4904: Fixed stack overflow in aressetsortlist bsc1208067...

SUSE-SU-2023:3015-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2021-4207: Fixed double fetch in qxlcursor that could lead to heap buffer overflow bsc1198037. - CVE-2023-0330: Fixed DMA reentrancy issue that could lead to stack overflow bsc1207205. - CVE-2023-2861: Fixed improper access control on special...

SUSE-SU-2022:4569-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040022 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-4139: Fixed an issue wi...

SUSE-SU-2022:4551-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005976 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-4139: Fixed an issue...

SUSE-SU-2022:4546-1 Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122136 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-3586: Fixed use-after-fre...

SUSE-SU-2022:4533-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197120 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-3586: Fixed...

SUSE-SU-2022:4534-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-1503005971 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-4139: Fixed an issue...

SUSE-SU-2022:4527-1 Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197111 fixes several issues. The following security issues were fixed: - CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation bsc1205128. - CVE-2022-4378: Fixed stack overflow in doprocdointvec bsc1206207. - CVE-2022-3586: Fixed...

GHSA-XQ3C-8GQM-V648 async-graphql / async-graphql - @DOS GraphQL Nested Fragments overflow

Impact Executing deeply nested queries may cause stack overflow. Patches Upgrade to v4.0.6...

SUSE-SU-2021:14848-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-0089: Fixed Speculative Code Store Bypass XSA-375 bsc1186433. - CVE-2021-20255: Fixed stack overflow via infinite recursion in eepro100 bsc1182654. - CVE-2021-28690: Fixed x86 TSX Async Abort protections not restored after S3 XSA-377...

SUSE-SU-2021:3575-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - usbredir: free call on invalid pointer in bufpalloc bsc1189145, CVE-2021-3682 - NULL pointer dereference in ESP bsc1180433, CVE-2020-35504 bsc1180434, CVE-2020-35505 bsc1180435, CVE-2020-35506 - NULL pointer dereference iss...

SUSE-SU-2021:3201-2 Security update for hivex

This update for hivex fixes the following issues: - CVE-2021-3622: Fixed stack overflow due to recursive call of getchildren bsc1189060...

SUSE-SU-2021:3201-1 Security update for hivex

This update for hivex fixes the following issues: - CVE-2021-3622: Fixed stack overflow due to recursive call of getchildren bsc1189060...

SUSE-SU-2021:2591-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure tftp bsc1187366 - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure bootp bsc118736...

SUSE-SU-2021:2563-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure tftp bsc1187366 - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure bootp bsc118736...