Aggregator

USN-7940-1: Linux kernel (Azure FIPS) vulnerabilities

Ubuntu Security Advisories
3 weeks 4 days ago
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Cryptographic API; - ACPI drivers; - Ublk userspace block driver; - Clock framework and drivers; - EDAC drivers; - GPU drivers; - HSI subsystem; - IIO subsystem; - InfiniBand drivers; - Media drivers; - MemoryStick subsystem; - Network drivers; - NTB driver; - PCI subsystem; - Remote Processor subsystem; - Thermal drivers; - Virtio Host (VHOST) subsystem; - 9P distributed file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - Memory management; - Bluetooth subsystem; - RDMA verbs API; - Kernel fork() syscall; - Timer subsystem; - Tracing infrastructure; - Watch queue notification mechanism; - Appletalk network protocol; - Asynchronous Transfer Mode (ATM) subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - Network traffic control; - SCTP protocol; - TLS protocol; - SoC Audio for Freescale CPUs drivers; (CVE-2023-53034, CVE-2024-58092, CVE-2025-21729, CVE-2025-22018, CVE-2025-22019, CVE-2025-22020, CVE-2025-22021, CVE-2025-22025, CVE-2025-22027, CVE-2025-22028, CVE-2025-22033, CVE-2025-22035, CVE-2025-22036, CVE-2025-22038, CVE-2025-22039, CVE-2025-22040, CVE-2025-22041, CVE-2025-22042, CVE-2025-22044, CVE-2025-22045, CVE-2025-22047, CVE-2025-22050, CVE-2025-22053, CVE-2025-22054, CVE-2025-22055, CVE-2025-22056, CVE-2025-22057, CVE-2025-22058, CVE-2025-22060, CVE-2025-22062, CVE-2025-22063, CVE-2025-22064, CVE-2025-22065, CVE-2025-22066, CVE-2025-22068, CVE-2025-22070, CVE-2025-22071, CVE-2025-22072, CVE-2025-22073, CVE-2025-22075, CVE-2025-22079, CVE-2025-22080, CVE-2025-22081, CVE-2025-22083, CVE-2025-22086, CVE-2025-22089, CVE-2025-22090, CVE-2025-22095, CVE-2025-22097, CVE-2025-23136, CVE-2025-23138, CVE-2025-37838, CVE-2025-37937, CVE-2025-37958, CVE-2025-38118, CVE-2025-38152, CVE-2025-38227, CVE-2025-38240, CVE-2025-38352, CVE-2025-38575, CVE-2025-38616, CVE-2025-38637, CVE-2025-38666, CVE-2025-38678, CVE-2025-39682, CVE-2025-39728, CVE-2025-39735, CVE-2025-39964, CVE-2025-39993, CVE-2025-40018, CVE-2025-40114, CVE-2025-40157)

docker-buildkit-0.26.3-1.fc42

Fedora Security Advisories
3 weeks 4 days ago
FEDORA-2025-9cf9edf688 Packages in this update:
  • docker-buildkit-0.26.3-1.fc42
Update description:
  • Update to release v0.26.3
  • Resolves CVE-2024-25621: rhbz#2419004, rhbz#2419033, rhbz#2419427
  • Upstream fix

docker-buildkit-0.26.3-1.fc43

Fedora Security Advisories
3 weeks 4 days ago
FEDORA-2025-94f9b9b1b1 Packages in this update:
  • docker-buildkit-0.26.3-1.fc43
Update description:
  • Update to release v0.26.3
  • Resolves CVE-2024-25621: rhbz#2419004, rhbz#2419033, rhbz#2419427
  • Upstream fix

docker-buildkit-0.26.3-1.fc44

Fedora Security Advisories
3 weeks 4 days ago
FEDORA-2025-e0f9ab8bc7 Packages in this update:
  • docker-buildkit-0.26.3-1.fc44
Update description:

Automatic update for docker-buildkit-0.26.3-1.fc44.

Changelog * Tue Dec 16 2025 Bradley G Smith <bradley.g.smith@gmail.com> - 0.26.3-1 - Update to release v0.26.3 - Resolves CVE-2024-25621: rhbz#2419004, rhbz#2419033, rhbz#2419427 - Upstream fix

php-8.4.16-1.fc42

Fedora Security Advisories
3 weeks 4 days ago
FEDORA-2025-ce8a4096e7 Packages in this update:
  • php-8.4.16-1.fc42
Update description:

PHP version 8.4.16 (18 Dec 2025)

Core:

  • Sync all boost.context files with release 1.86.0. (mvorisek)
  • Fixed bug GH-20435 (SensitiveParameter doesn't work for named argument passing to variadic parameter). (ndossche)
  • Fixed bug GH-20286 (use-after-destroy during userland stream_close()). (ndossche, David Carlier)

Bz2:

  • Fix assertion failures resulting in crashes with stream filter object parameters. (ndossche)

Date:

  • Fix crashes when trying to instantiate uninstantiable classes via date static constructors. (ndossche)

DOM:

  • Fix memory leak when edge case is hit when registering xpath callback. (ndossche)
  • Fixed bug GH-20395 (querySelector and querySelectorAll requires elements in $selectors to be lowercase). (ndossche)
  • Fix missing NUL byte check on C14NFile(). (ndossche)

Fibers:

  • Fixed bug GH-20483 (ASAN stack overflow with fiber.stack_size INI small value). (David Carlier)

FTP:

  • Fixed bug GH-20601 (ftp_connect overflow on timeout). (David Carlier)

GD:

  • Fixed bug GH-20511 (imagegammacorrect out of range input/output values). (David Carlier)
  • Fixed bug GH-20602 (imagescale overflow with large height values). (David Carlier)

Intl:

  • Fixed bug GH-20426 (Spoofchecker::setRestrictionLevel() error message suggests missing constants). (DanielEScherzer)

LibXML:

  • Fix some deprecations on newer libxml versions regarding input buffer/parser handling. (ndossche)

MbString:

  • Fixed bug GH-20491 (SLES15 compile error with mbstring oniguruma). (ndossche)
  • Fixed bug GH-20492 (mbstring compile warning due to non-strings). (ndossche)

MySQLnd:

  • Fixed bug GH-20528 (Regression breaks mysql connexion using an IPv6 address enclosed in square brackets). (Remi)

Opcache:

  • Fixed bug GH-20329 (opcache.file_cache broken with full interned string buffer). (Arnaud)

PDO:

Phar:

  • Fixed bug GH-20442 (Phar does not respect case-insensitiveness of __halt_compiler() when reading stub). (ndossche, TimWolla)
  • Fix broken return value of fflush() for phar file entries. (ndossche)
  • Fix assertion failure when fseeking a phar file out of bounds. (ndossche)

PHPDBG:

  • Fixed ZPP type violation in phpdbg_get_executable() and phpdbg_end_oplog(). (Girgias)

SPL:

  • Fixed bug GH-20614 (SplFixedArray incorrectly handles references in deserialization). (ndossche)

Standard:

  • Fix memory leak in array_diff() with custom type checks. (ndossche)
  • Fixed bug GH-20583 (Stack overflow in http_build_query via deep structures). (ndossche)
  • Fixed GHSA-www2-q4fc-65wf (Null byte termination in dns_get_record()). (ndossche)
  • Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()). (CVE-2025-14178) (ndossche)
  • Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize). (CVE-2025-14177) (ndossche)

Tidy:

  • Fixed bug GH-20374 (PHP with tidy and custom-tags). (ndossche)

XML:

  • Fixed bug GH-20439 (xml_set_default_handler() does not properly handle special characters in attributes when passing data to callback). (ndossche)

Zlib:

  • Fix assertion failures resulting in crashes with stream filter object parameters. (ndossche)

php-8.4.16-1.fc43

Fedora Security Advisories
3 weeks 4 days ago
FEDORA-2025-7e9290d67f Packages in this update:
  • php-8.4.16-1.fc43
Update description:

PHP version 8.4.16 (18 Dec 2025)

Core:

  • Sync all boost.context files with release 1.86.0. (mvorisek)
  • Fixed bug GH-20435 (SensitiveParameter doesn't work for named argument passing to variadic parameter). (ndossche)
  • Fixed bug GH-20286 (use-after-destroy during userland stream_close()). (ndossche, David Carlier)

Bz2:

  • Fix assertion failures resulting in crashes with stream filter object parameters. (ndossche)

Date:

  • Fix crashes when trying to instantiate uninstantiable classes via date static constructors. (ndossche)

DOM:

  • Fix memory leak when edge case is hit when registering xpath callback. (ndossche)
  • Fixed bug GH-20395 (querySelector and querySelectorAll requires elements in $selectors to be lowercase). (ndossche)
  • Fix missing NUL byte check on C14NFile(). (ndossche)

Fibers:

  • Fixed bug GH-20483 (ASAN stack overflow with fiber.stack_size INI small value). (David Carlier)

FTP:

  • Fixed bug GH-20601 (ftp_connect overflow on timeout). (David Carlier)

GD:

  • Fixed bug GH-20511 (imagegammacorrect out of range input/output values). (David Carlier)
  • Fixed bug GH-20602 (imagescale overflow with large height values). (David Carlier)

Intl:

  • Fixed bug GH-20426 (Spoofchecker::setRestrictionLevel() error message suggests missing constants). (DanielEScherzer)

LibXML:

  • Fix some deprecations on newer libxml versions regarding input buffer/parser handling. (ndossche)

MbString:

  • Fixed bug GH-20491 (SLES15 compile error with mbstring oniguruma). (ndossche)
  • Fixed bug GH-20492 (mbstring compile warning due to non-strings). (ndossche)

MySQLnd:

  • Fixed bug GH-20528 (Regression breaks mysql connexion using an IPv6 address enclosed in square brackets). (Remi)

Opcache:

  • Fixed bug GH-20329 (opcache.file_cache broken with full interned string buffer). (Arnaud)

PDO:

Phar:

  • Fixed bug GH-20442 (Phar does not respect case-insensitiveness of __halt_compiler() when reading stub). (ndossche, TimWolla)
  • Fix broken return value of fflush() for phar file entries. (ndossche)
  • Fix assertion failure when fseeking a phar file out of bounds. (ndossche)

PHPDBG:

  • Fixed ZPP type violation in phpdbg_get_executable() and phpdbg_end_oplog(). (Girgias)

SPL:

  • Fixed bug GH-20614 (SplFixedArray incorrectly handles references in deserialization). (ndossche)

Standard:

  • Fix memory leak in array_diff() with custom type checks. (ndossche)
  • Fixed bug GH-20583 (Stack overflow in http_build_query via deep structures). (ndossche)
  • Fixed GHSA-www2-q4fc-65wf (Null byte termination in dns_get_record()). (ndossche)
  • Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()). (CVE-2025-14178) (ndossche)
  • Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize). (CVE-2025-14177) (ndossche)

Tidy:

  • Fixed bug GH-20374 (PHP with tidy and custom-tags). (ndossche)

XML:

  • Fixed bug GH-20439 (xml_set_default_handler() does not properly handle special characters in attributes when passing data to callback). (ndossche)

Zlib:

  • Fix assertion failures resulting in crashes with stream filter object parameters. (ndossche)

webkitgtk-2.50.4-1.fc43

Fedora Security Advisories
3 weeks 4 days ago
FEDORA-2025-96a708ea95 Packages in this update:
  • webkitgtk-2.50.4-1.fc43
Update description:
  • Correctly handle the program name passed to the sleep disabler.
  • Ensure GStreamer is initialized before using the Quirks.
  • Fix several crashes and rendering issues.
  • Fix CVE-2025-14174, CVE-2025-43501, CVE-2025-43529, CVE-2025-43531, CVE-2025-43535, CVE-2025-43536, CVE-2025-43541

webkitgtk-2.50.4-1.fc42

Fedora Security Advisories
3 weeks 4 days ago
FEDORA-2025-3e5ba4315a Packages in this update:
  • webkitgtk-2.50.4-1.fc42
Update description:
  • Correctly handle the program name passed to the sleep disabler.
  • Ensure GStreamer is initialized before using the Quirks.
  • Fix several crashes and rendering issues.
  • Fix CVE-2025-14174, CVE-2025-43501, CVE-2025-43529, CVE-2025-43531, CVE-2025-43535, CVE-2025-43536, CVE-2025-43541

USN-7939-2: Linux kernel (Azure FIPS) vulnerabilities

Ubuntu Security Advisories
3 weeks 5 days ago
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - HSI subsystem; - I3C subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers subsystem; - AFS file system; - F2FS file system; - SMB network file system; - Padata parallel execution mechanism; - Timer subsystem; - Tracing infrastructure; - Memory management; - Appletalk network protocol; - Networking core; - Netfilter; (CVE-2022-49026, CVE-2022-49390, CVE-2023-52854, CVE-2024-35867, CVE-2024-47691, CVE-2024-49935, CVE-2024-50061, CVE-2024-50067, CVE-2024-50095, CVE-2024-50196, CVE-2024-53090, CVE-2024-53218, CVE-2024-56664, CVE-2025-21727, CVE-2025-21855, CVE-2025-37838, CVE-2025-37958, CVE-2025-38352, CVE-2025-38666, CVE-2025-39964, CVE-2025-39993, CVE-2025-40018)

USN-7939-1: Linux kernel (Azure) vulnerabilities

Ubuntu Security Advisories
3 weeks 5 days ago
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - HSI subsystem; - I3C subsystem; - InfiniBand drivers; - Media drivers; - Network drivers; - Pin controllers subsystem; - AFS file system; - F2FS file system; - SMB network file system; - Padata parallel execution mechanism; - Timer subsystem; - Tracing infrastructure; - Memory management; - Appletalk network protocol; - Networking core; - Netfilter; (CVE-2022-49026, CVE-2022-49390, CVE-2023-52854, CVE-2024-35867, CVE-2024-47691, CVE-2024-49935, CVE-2024-50061, CVE-2024-50067, CVE-2024-50095, CVE-2024-50196, CVE-2024-53090, CVE-2024-53218, CVE-2024-56664, CVE-2025-21727, CVE-2025-21855, CVE-2025-37838, CVE-2025-37958, CVE-2025-38352, CVE-2025-38666, CVE-2025-39964, CVE-2025-39993, CVE-2025-40018)