Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in...

SUSE-SU-2025:02229-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. - CVE-2025-4878: Fixed use of uninitialized variable in...

AZL-64713 CVE-2025-38200 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40eclearhw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer underflow by changing the...

CVE-2025-38229 media: cxusb: no longer judge rbuf when the write fails

In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when the write fails syzbot reported a uninit-value in cxusbi2cxfer. 1 Only when the write operation of usbbulkmsg in dvbusbgenericrw succeeds and rlen is greater than 0, the read operation of...

AZL-65136 CVE-2025-49809 affecting package mtr 0.95-1

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

Exploit for Server-Side Request Forgery in Apache Kafka

Disclaimer: The vulnerabilities described in this article and...

A Note on Single-Cut Full-Open Protocols

Card-based cryptography is a research area that realizes cryptographic protocols such as secure computation by applying shuffles to sequences of cards that encode input values. A single-cut full-open protocol is one that obtains an output value by applying a random cut to an input sequence of...

PT-2025-28004

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the media component, specifically the cxusb module. The issue occurred when the write operation of usb bulk msg in dvb...

CVE-2025-49809

CVE-2025-49809 affects mtr up to version 0.95. In certain privileged contexts, execution of a program specified by the MTR_PACKET environment variable is mishandled, enabling potential local impact. Public details consistently mention macOS sudo-related considerations due to Homebrew not installi...

CVE-2025-49809

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries...

The vulnerability of the xe_pat.c component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the xepat.c component in the Linux operating system’s kernel is related to errors during initialization of variables. Exploiting this vulnerability can allow an attacker to cause a service failure...

kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider

A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider...

CVE-2024-51982

An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language PJL command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non...

The vulnerability of the privatekey_from_file() function in the libssh library allows a hacker to disclose sensitive information or cause service failures.

The vulnerability of the privatekeyfromfile function in the libssh library is related to the use of an uninitialized variable. Exploiting this vulnerability could allow an attacker to disclose sensitive information or cause service failures...

SUSE CVE-2025-4878

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption...

Security update for python311

This update for python311 fixes the following issues: Security issues fixed: CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods bsc1226447 CVE-2024-4032: Fixed incorrect IPv4 and IP...

SUSE-SU-2025:02089-1 Security update for python311

This update for python311 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 - CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods bsc1226447 - CVE-2024-4032: Fixed incorrect IPv4...

emacs security update

1:27.2-14.el96.2 - Restore definition of variable 'enable-dir-local-variables' RHEL-92653 1:27.2-14.el96.1 - Bump Z-stream release 1:27.2-14 - Fix arbitrary code execution via Lisp macro expansion RHEL-69399 1:27.2-13 - Bump release 1:27.2-12 - Eliminate use of obsolete patch syntax RHEL-80443...

freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

A flaw was found in FreeType. In affected versions, an out-of-bounds write condition may be triggered when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value...

CVE-2022-50165

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in wilwritefilewmi Commit 7a4836560a61 changes simplewritetobuffer with memdupuser but it forgets to change the value to be returned that came from simplewritetobuffer call. ...