Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059167 fixes several issues. The following security issues were fixed: CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice bsc1234847. CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage bsc1229504...

SUSE CVE-2025-37936

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBSENABLE loaded for guest with vCPU's value. When generating the MSRIA32PEBSENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBSENABLE value...

SUSE CVE-2025-37957

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

DEBIAN-CVE-2025-37957

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

UBUNTU-CVE-2025-37936

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBSENABLE loaded for guest with vCPU's value. When generating the MSRIA32PEBSENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value with the vCPU's desired PEBSENABLE value...

Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001014 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow bsc1233678. CVE-2024-53156: wifi: ath9k: add range check for connrspepid in htcconnectservice...

[SECURITY] Fedora 42 Update: open-vm-tools-12.5.2-1.fc42

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2025-1479)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2025-1386)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2025-1450)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.0 : python-configobj (EulerOS-SA-2025-1573)

According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

EulerOS Virtualization 2.12.1 : python-configobj (EulerOS-SA-2025-1557)

According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...

EulerOS Virtualization 2.12.0 : python-requests (EulerOS-SA-2025-1574)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This...

EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2025-1547)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved:ntb: intel: Fix the NULL vs ISERR bug for debugfscreatedir The...

EulerOS Virtualization 2.12.1 : OpenIPMI (EulerOS-SA-2025-1549)

According to the versions of the OpenIPMI packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : OpenIPMI before 2.0.36 has an out-of-bounds array access for authentication type in the ipmisim simulator, resulting in denial of...

EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2025-1552)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server...

EulerOS Virtualization 2.12.1 : glib2 (EulerOS-SA-2025-1554)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not...

EulerOS Virtualization 2.12.1 : dhcp (EulerOS-SA-2025-1560)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer fr...

EulerOS Virtualization 2.12.1 : pam (EulerOS-SA-2025-1555)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability...

EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2025-1562)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved:ntb: intel: Fix the NULL vs ISERR bug for debugfscreatedir The...