Medium: containerd

Issue Overview: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

Medium: postgresql15

Issue Overview: Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail...

Medium: containerd

Issue Overview: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow CVE-2025-39998 In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup...

Important: libsoup3

Issue Overview: A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could...

Important: linux-firmware

Issue Overview: Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity. CVE-2025-54514 Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence...

Important: ecs-init

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Important: cri-tools

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Important: cni-plugins

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption CVE-2025-40019 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040...

Medium: aws-cfn-bootstrap

Issue Overview: Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc...

Medium: cups-filters

Issue Overview: CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. In CUPS-Filters versions up to and...

Medium: binutils

Issue Overview: A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfdelfgcrecordvtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to...

Medium: audiofile

Issue Overview: Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function. CVE-2025-50950 Affected Packages: audiofile Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Cor...

Medium: libpq

Issue Overview: Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using...

Medium: rsync

Issue Overview: A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue. CVE-2025-101...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

Medium: bind

Issue Overview: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12,...

Medium: cups-filters

Issue Overview: CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data format conversion tasks needed in Printer Applications. In CUPS-Filters versions up to and...

Medium: postgresql16

Issue Overview: Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount CVE-2025-40105 In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINEDATA + EXTENTS flag combination CVE-2025-40167 In the...

Medium: containerd

Issue Overview: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...

Low: python3

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Low: python3.11

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.11 Issue Correction: Run dnf update python3.11 --releasever 2023.9.20251208 or dnf update --advisory...

Important: cni-plugins

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Medium: curl

Issue Overview: wcurl path traversal with percent-encoded slashes URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. CVE-2025-11563 Affected Packages: curl Issue Correction: Run dnf...

Important: firefox

Issue Overview: A heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palettelookup array bounds are not validated against externally-supplied image data, allowing an attacker to craf...

Important: glib2

Issue Overview: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the...

Important: firefox

Issue Overview: Race condition in the Graphics component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30. CVE-2025-13012 Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30...

Important: firefox

Issue Overview: Race condition in the Graphics component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30. CVE-2025-13012 Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30...

Medium: containerd

Issue Overview: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

Important: ecs-init

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Important: firefox

Issue Overview: A heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palettelookup array bounds are not validated against externally-supplied image data, allowing an attacker to craf...

Important: libpng

Issue Overview: A heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palettelookup array bounds are not validated against externally-supplied image data, allowing an attacker to craf...

Important: glib2

Issue Overview: A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the...

Important: linux-firmware

Issue Overview: Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity. CVE-2025-54514 Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption CVE-2025-40019 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...

Low: python3.13

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.13 Issue Correction: Run dnf update python3.13 --releasever 2023.9.20251208 or dnf update --advisory...

Important: tigervnc

Issue Overview: A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potential...

Important: kernel-livepatch-6.1.150-174.273

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fix DT error handling for num-channels/ees...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr CVE-2022-50516 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon Linux 2 AL2...

Important: amazon-efs-utils

Issue Overview: regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane...

Important: xmlunit

Issue Overview: XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled. CVE-2024-31573 Affected Packages: xmlunit Issue Correction: Run dnf update xmlunit...

Important: xorg-x11-server

Issue Overview: A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potential...

Important: tomcat10

Issue Overview: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could...

Important: containerd

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Important: amazon-cloudwatch-agent

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...