Aggregator

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS.

Version:next-20251106 (linux-next) Released:2025-11-06

FEDORA-2025-3edcd991a4 Packages in this update:

• lasso-2.9.0-1.fc42

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-EPEL-2025-7a8a4f68b8 Packages in this update:

• lasso-2.9.0-1.el10_2

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-EPEL-2025-6099a398a7 Packages in this update:

• lasso-2.9.0-1.el10_1

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-2025-7e6204e34e Packages in this update:

• lasso-2.9.0-1.fc41

Update description:

Update to 2.9.0 Fixes CVE-2025-46705

FEDORA-EPEL-2025-20224e07f9 Packages in this update:

• seamonkey-2.53.22-1.el8

Update description:

Update to 2.53.22

FEDORA-EPEL-2025-f748b535ef Packages in this update:

• seamonkey-2.53.22-1.el9

Update description:

Update to 2.53.22

FEDORA-2025-e49d776723 Packages in this update:

• seamonkey-2.53.22-1.fc41

Update description:

Update to 2.53.22

FEDORA-2025-4eaa870223 Packages in this update:

• seamonkey-2.53.22-1.fc42

Update description:

Update to 2.53.22

FEDORA-2025-5f24a0c1ba Packages in this update:

• seamonkey-2.53.22-1.fc43

Update description:

Update to 2.53.22

FEDORA-2025-122a933cad Packages in this update:

• docker-buildkit-0.25.2-1.fc41

Update description:

• Update to v0.25.2
• CVE-2025-58183; Resolves: rhbz#2412529
• CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
• CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
• CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
• CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
• Upstream updates

FEDORA-2025-ac008831d6 Packages in this update:

• docker-buildkit-0.25.2-1.fc42

Update description:

• Update to v0.25.2
• CVE-2025-58183; Resolves: rhbz#2412529
• CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
• CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
• CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
• CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
• Upstream updates

FEDORA-2025-d1dade0612 Packages in this update:

• docker-buildkit-0.25.2-1.fc43

Update description:

• Update to v0.25.2
• CVE-2025-58183; Resolves: rhbz#2412529
• CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945
• CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013
• CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065
• CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612
• Upstream updates

FEDORA-2025-c1b04cbaba Packages in this update:

• docker-buildkit-0.25.2-1.fc44

Update description:

Automatic update for docker-buildkit-0.25.2-1.fc44.

Changelog * Wed Nov 5 2025 Bradley G Smith <bradley.g.smith@gmail.com> - 0.25.2-1 - Update to v0.25.2 - CVE-2025-58183; Resolves: rhbz#2412529 - CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945 - CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013 - CVE-2025-61723; Resolves: rhbz#2409627, rhbz#2409349, rhbz#2409065 - CVE-2025-58189; Resolves: rhbz#2408157, rhbz#2407880, rhbz#2407612 - Upstream updates

FEDORA-2025-6924245627 Packages in this update:

• runc-1.3.3-1.fc41

Update description:

Update to release v1.3.3

FEDORA-2025-ef192f5d10 Packages in this update:

• runc-1.3.3-1.fc42

Update description:

Update to release v1.3.3

FEDORA-2025-ebd4913540 Packages in this update:

• runc-1.3.3-1.fc43

Update description:

Update to release v1.3.3

FEDORA-2025-6a0f63aaab Packages in this update:

• runc-1.3.3-1.fc44

Update description:

Automatic update for runc-1.3.3-1.fc44.

Changelog * Wed Nov 5 2025 Bradley G Smith <bradley.g.smith@gmail.com> - 2:1.3.3-1 - Update to release v1.3.3 - Resolves: rhbz#2411664, rhbz#2411410, rhbz#2411148 - Resolves: rbhz#2410768, rhbz#2410512, rhbz#2410233 - Resolves: rhbz#2409818, rhbz#2409561, rhbz#2409284 - Resolves: rhbz#2408345, rhbz#2408091, rhbz#2407818 - Security. Fixes CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - Upstream new feature

FEDORA-2025-4ffeeb504f Packages in this update:

• webkitgtk-2.50.1-1.fc42

Update description:

Update to WebKitGTK 2.50.1:

• Improve text rendering performance.
• Fix audio playback broken on instagram.
• Fix rendering of layers with fractional transforms.
• Fix several crashes and rendering issues.
• Fix CVE-2025-43343