Aggregator

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Memory management; - Appletalk network protocol; - Netfilter; (CVE-2025-37958, CVE-2025-38666, CVE-2025-39964, CVE-2025-39993, CVE-2025-40018)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers; - Network drivers; - DesignWare USB3 driver; - Ceph distributed file system; - Network file system (NFS) server daemon; - NILFS2 file system; - File systems infrastructure; - Tracing infrastructure; - Appletalk network protocol; - IPv6 networking; - Netfilter; (CVE-2021-47146, CVE-2021-47269, CVE-2021-47385, CVE-2021-47634, CVE-2022-49026, CVE-2024-49935, CVE-2024-50067, CVE-2024-50095, CVE-2024-50179, CVE-2024-53112, CVE-2024-53217, CVE-2025-21715, CVE-2025-21722, CVE-2025-21811, CVE-2025-21855, CVE-2025-38666, CVE-2025-39964, CVE-2025-40018)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers; - Network drivers; - DesignWare USB3 driver; - Ceph distributed file system; - Network file system (NFS) server daemon; - NILFS2 file system; - File systems infrastructure; - Tracing infrastructure; - Appletalk network protocol; - IPv6 networking; - Netfilter; (CVE-2021-47146, CVE-2021-47269, CVE-2021-47385, CVE-2021-47634, CVE-2022-49026, CVE-2024-49935, CVE-2024-50067, CVE-2024-50095, CVE-2024-50179, CVE-2024-53112, CVE-2024-53217, CVE-2025-21715, CVE-2025-21722, CVE-2025-21811, CVE-2025-21855, CVE-2025-38666, CVE-2025-39964, CVE-2025-40018)

It was discovered that usbmuxd incorrectly handled certain paths received with the SavePairRecord command. A local attacker could possibly use this issue to delete and write files named *.plist in arbitrary locations.

FEDORA-2025-0fc373e72b Packages in this update:

• NetworkManager-1.54.3-1.fc43

Update description:

Update to 1.54.3 Partially fixes CVE-2025-9615. To protect totally from it, see: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2325.

FEDORA-2025-27f16898ba Packages in this update:

• NetworkManager-1.52.2-1.fc42

Update description:

Update to 1.52.2 Partially fixes CVE-2025-9615. To protect totally from it, see: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2325.

Version:next-20251215 (linux-next) Released:2025-12-15

FEDORA-2025-0f4b31c58e Packages in this update:

• assimp-6.0.2-4.fc43

Update description:

Backport fix for CVE-2025-11277

FEDORA-2025-6c78aad721 Packages in this update:

• mingw-libsoup-2.74.3-14.fc42

Update description:

Backport fix for CVE-2025-11021.

FEDORA-2025-5a82449616 Packages in this update:

• mingw-libsoup-2.74.3-14.fc43

Update description:

Backport fix for CVE-2025-11021.

FEDORA-2025-883181272e Packages in this update:

• mingw-python3-3.11.14-4.fc43

Update description:

Backport fix for CVE-2025-12084.

FEDORA-2025-34626c05f6 Packages in this update:

• mingw-python3-3.11.14-4.fc42

Update description:

Backport fix for CVE-2025-12084.

FEDORA-2025-ecdc29aa34 Packages in this update:

• mingw-glib2-2.86.3-1.fc43

Update description:

Update to 2.86.3, fixes CVE-2025-13601, CVE-2025-14087 and CVE-2025-14512.

FEDORA-2025-b2df36b70a Packages in this update:

• mingw-glib2-2.84.4-1.fc42

Update description:

Update to glib-2.84.4 and backport fixes for CVE-2025-13601, CVE-2025-14087 and CVE-2025-14512.

Version:6.19-rc1 (mainline) Released:2025-12-14 Source:linux-6.19-rc1.tar.gz Patch:full

FEDORA-EPEL-2025-69e9a501c7 Packages in this update:

• chromium-143.0.7499.109-2.el9

Update description:

Update to 143.0.7499.109

* High: Under coordination * Medium CVE-2025-14372: Use after free in Password Manager * Medium CVE-2025-14373: Inappropriate implementation in Toolbar

FEDORA-2025-a315866a59 Packages in this update:

• chromium-143.0.7499.109-2.fc42

Update description:

Update to 143.0.7499.109

* High: Under coordination * Medium CVE-2025-14372: Use after free in Password Manager * Medium CVE-2025-14373: Inappropriate implementation in Toolbar

FEDORA-EPEL-2025-fdf05692b5 Packages in this update:

• chromium-143.0.7499.109-2.el10_2

Update description:

Update to 143.0.7499.109

* High: Under coordination * Medium CVE-2025-14372: Use after free in Password Manager * Medium CVE-2025-14373: Inappropriate implementation in Toolbar