EulerOS Virtualization 2.12.0 : unbound (EulerOS-SA-2025-1575)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that i...

EulerOS Virtualization 2.12.1 : openssl (EulerOS-SA-2025-1550)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...

EulerOS Virtualization 2.12.1 : python3 (EulerOS-SA-2025-1556)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a MEDIUM severity vulnerability affecting CPython. The socket module provides a pure- Python fallback to the...

EulerOS Virtualization 2.12.0 : glib2 (EulerOS-SA-2025-1570)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not...

EulerOS Virtualization 2.12.1 : vim (EulerOS-SA-2025-1551)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. A use-after-free was found in Vim 9.1.0764. When closing a buffer visible in a window...

EulerOS Virtualization 2.12.0 : lua (EulerOS-SA-2025-1563)

According to the versions of the lua package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by...

EulerOS Virtualization 2.12.0 : httpd (EulerOS-SA-2025-1561)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based...

EulerOS Virtualization 2.12.0 : python3 (EulerOS-SA-2025-1572)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a MEDIUM severity vulnerability affecting CPython. The socket module provides a pure- Python fallback to the...

EulerOS Virtualization 2.12.1 : unbound (EulerOS-SA-2025-1559)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that i...

EulerOS Virtualization 2.12.0 : expat (EulerOS-SA-2025-1569)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit...

EulerOS Virtualization 2.12.0 : syslinux (EulerOS-SA-2025-1566)

According to the versions of the syslinux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x...

EulerOS Virtualization 2.12.0 : curl (EulerOS-SA-2025-1568)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server...

EulerOS Virtualization 2.12.1 : httpd (EulerOS-SA-2025-1546)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based...

EulerOS Virtualization 2.12.0 : OpenIPMI (EulerOS-SA-2025-1564)

According to the versions of the OpenIPMI packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : OpenIPMI before 2.0.36 has an out-of-bounds array access for authentication type in the ipmisim simulator, resulting in denial of...

EulerOS Virtualization 2.12.1 : lua (EulerOS-SA-2025-1548)

According to the versions of the lua package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by...

EulerOS Virtualization 2.12.1 : python-requests (EulerOS-SA-2025-1558)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This...

EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2025-1562)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved:ntb: intel: Fix the NULL vs ISERR bug for debugfscreatedir The...

Security Bulletin: This Power System update is being released to address CVE-2024-41007

Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2024-41007, by upgrading PowerVM and thus addressing the exposure ...

OESA-2025-1511 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix a flaw in existing endpoint checks Syzbot once again identified a flaw in usb endpoint checking, see 1. This time the issue stems from a...

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...