Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988995 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue during testing ...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: shutdown driver when hardware is unreliable In rare cases, ath10k may lose connection with the PCIe bus due to some unknown reasons, which could further lead to system crashes during resuming due to watchdog timeout...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept Commit 50e782a86c98 "efi/unaccepted: Fix soft lockups caused by parallel memory acceptance" has released the spinlock so other CPUs can do memory acceptance in parallel and n...

CVE-2025-54547

On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions e.g, scp, sftp multiplexed onto the same channel could perform file-system operations after a configured session timeout expired...

Node.js: Timeout-based race conditions make Uint8Array/Buffer.alloc non-zerofilled

A flaw in Node.js's buffer allocation logic was discovered, where buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover data from previous operations under specific timing conditions...

EUVD-2025-36726

On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions e.g, scp, sftp multiplexed onto the same channel could perform file-system operations after a configured session timeout expired...

CVE-2025-54547

On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions e.g, scp, sftp multiplexed onto the same channel could perform file-system operations after a configured session timeout expired...

CVE-2025-54547 On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired

On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions e.g, scp, sftp multiplexed onto the same channel could perform file-system operations after a configured session timeout expired...

CVE-2025-54547

CVE-2025-54547 affects Arista DANZ Monitoring Fabric and related platforms where SSH session multiplexing (ControlMaster) is used. The issue allows SSH sessions multiplexed onto the same channel (e.g., scp/sftp) to perform file-system operations after a session timeout, under specific conditions ...

CVE-2025-54547 On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired

On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions e.g, scp, sftp multiplexed onto the same channel could perform file-system operations after a configured session timeout expired...

Arista DANZ Monitoring Fabric 安全漏洞

Arista DANZ Monitoring Fabric is a traffic monitoring, security, and performance analytics platform from Arista USA. A security vulnerability exists in Arista DANZ Monitoring Fabric that stems from improperly configured SSH session multiplexing, which could result in file system operations being...

PT-2025-44353

Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description If SSH session multiplexing was configured on the client side, SSH sessions such as scp and sftp multiplexed onto the same channel could perform file-system operations after a configured...

Security update 5.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot was updated from version 0.1 to version 1.0.0: Version 1.0.0 bugs fixed: Reboot on salt key timeout bsc1237495 Fixed parsing files with space in the name bsc1252100 golang-github-prometheus-alertmanager was updated from version 0.26.0 to...

SUSE-SU-2025:3819-1 Security update 5.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot was updated from version 0.1 to version 1.0.0: - Version 1.0.0 bugs fixed: Reboot on salt key timeout bsc1237495 Fixed parsing files with space in the name bsc1252100 golang-github-prometheus-alertmanager was updated from version 0.26.0 to...

SUSE CVE-2023-53717

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9kwmirspcallback Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9kwmicmd. The callback writes...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26642)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow anonymous set with timeout flag This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC Devices Improper Locking (CVE-2024-26643)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Locking (CVE-2024-50095)

In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases madagentpriv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be...

spi: fsi: Implement a timeout for polling status

...

PT-2025-51597

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's Mediatek DRM driver has an issue where AFBC support, added by commit c410fa9b07c3, is broken on Mediatek MT8188 Genio 700 EVK platform when used with upstream Kernel a...