4537 matches found
WhatsApp Desktop for Mac 2.22.25.2 < 2.25.21.78 Incorrect Authorization (August Update)
The version of WhatsApp Desktop installed on the remote host is 2.22.25.2 prior to 2.25.21.78. It is, therefore, affected by a vulnerability as referenced in the August update advisory: - Incomplete authorization of linked device synchronization messages in WhatsApp for Mac v2.25.21.78 could have...
CVE-2025-39874
In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...
DEBIAN-CVE-2025-39874
In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...
CVE-2025-39874 macsec: sync features on RTM_NEWLINK
In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...
CVE-2025-39874
CVE-2025-39874 - Linux kernel macsec feature synchronization race : The issue occurs in macsec feature updates where lower (real) and upper device feature states can become out of sync during ETHTOOL_SFEATURES handling, potentially causing a lock in the lower device while updating features. The r...
SUSE CVE-2023-35927
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until...
SUSE CVE-2024-42268
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlinkremotereloadactionsperforme...
SUSE CVE-2025-37749
In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on pppsynctxmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing short packets. When...
mm: move page table sync declarations to linux/pgtable.h
...
CVE-2025-56869
Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in...
net/mlx5: Fix lockdep assertion on sync reset unload event
...
dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
...
SUSE CVE-2025-39844
In the Linux kernel, the following vulnerability has been resolved: mm: move page table sync declarations to linux/pgtable.h During our internal testing, we started observing intermittent boot failures when the machine uses 4-level paging and has a large amount of persistent memory: BUG: unable t...
SUSE CVE-2025-39859
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...
CVE-2025-56869
Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in...
CVE-2025-56869
Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system via FilesManager.saveMultipart function in backend/src/applications/files/services/files-manager.service.ts, and FilesManager.compress function in...
CVE-2025-39859
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...
DEBIAN-CVE-2025-39859
In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...
CVE-2025-39845
In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCHPAGETABLESYNCMASK and archsynckernelmappings Define ARCHPAGETABLESYNCMASK and archsynckernelmappings to ensure page tables are properly synchronized when calling pdpopulatekernel. For 5-level paging,...
AZL-67526 CVE-2025-39845 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCHPAGETABLESYNCMASK and archsynckernelmappings Define ARCHPAGETABLESYNCMASK and archsynckernelmappings to ensure page tables are properly synchronized when calling pdpopulatekernel. For 5-level paging,...