Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Tracing: Build event generation tests are now performed only as modules. The kprobes and synth event generation test modules add events and lock those event files during the module initialization function. They also unlock and...

CVE-2025-68216 LoongArch: BPF: Disable trampoline for kernel module function trace

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...

EUVD-2025-13962

Malicious code in bioql PyPI...

WAVLINK WL-WN530H4 Command Injection Vulnerability

WAVLINK WL-WN530H4 is a high-performance USB wireless card from China RuiYin WAVLINK that supports 802.11ac dual-band Wi-Fi. WAVLINK WL-WN530H4 suffers from a command injection vulnerability, which originates from the failure of the pingtest function in adm.cgi to correctly filter pingIp paramete...

Linux Distros Unpatched Vulnerability : CVE-2024-41004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation...

CVE-2022-49725 i40e: Fix call trace in setup_tx_descriptors

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix call trace in setuptxdescriptors After PF reset and ethtool -t there was call trace in dmesg sometimes leading to panic. When there was some time, around 5 seconds, between reset and test there were no errors. Problem w...

SUSE-SU-2024:4355-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names bsc1233285 - CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict bsc1233292 - CVE-2024-52532: Fixed...

OPENSUSE-SU-2024:0201-1 Security update for Botan

This update for Botan fixes the following issues: Update to 2.19.5: Fix multiple Denial of service attacks due to X.509 cert processing: CVE-2024-34702 - boo1227238 CVE-2024-34703 - boo1227607 CVE-2024-39312 - boo1227608 Fix a crash in OCB Fix a test failure in compression with certain versions o...

CVE-2024-41004 tracing: Build event generation tests only as modules

In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock get a reference those event file reference in module init function, and unlock and delete it in module...

DL1 bug fix and enhancement update

An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...

ruby:3.1 security, bug fix, and enhancement update

ruby 3.1.4-142 - Upgrade to Ruby 3.1.4. Resolves: RHEL-28565 - Fix HTTP response splitting in CGI. Resolves: RHEL-28564 - Fix ReDos vulnerability in URI. Resolves: RHEL-28567 Resolves: RHEL-28576 - Fix ReDos vulnerability in Time. Resolves: RHEL-28566 - Make RDoc soft dependency in IRB. Resolves:...

SUSE-SU-2024:0508-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 Bugs fixed: - Ensur...

PT-2023-8494 · Curl +2 · Curl +2

Name of the Vulnerable Software and Affected Versions: curl affected versions not specified Description: The issue is related to a flaw in curl where it inadvertently keeps the SSL session ID for connections in its cache even when the verify status OCSP stapling test failed. This allows a...

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 kernel: use-after-free in...

K11410303: cURL vulnerability CVE-2017-2629

Security Advisory Description curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when...

GSD-2022-1000568 pidfd: fix test failure due to stack overflow on some arches

pidfd: fix test failure due to stack overflow on some arches This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...

GSD-2022-1000481 pidfd: fix test failure due to stack overflow on some arches

pidfd: fix test failure due to stack overflow on some arches This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.25 by commit...

Trust Boundary Violation due to Incomplete Blacklist in Test Failure Processing in Ares

Impact This allows an attacker to create special subclasses of InvocationTargetException that escape the exception sanitization because JUnit extracts the cause in a trusted context before the exception reaches Ares. This means that arbitrary student code can be executed in a trusted context, and...

GHSA-883X-6FCH-6WJX Trust Boundary Violation due to Incomplete Blacklist in Test Failure Processing in Ares

Impact This allows an attacker to create special subclasses of InvocationTargetException that escape the exception sanitization because JUnit extracts the cause in a trusted context before the exception reaches Ares. This means that arbitrary student code can be executed in a trusted context, and...