Aggregator

libmaxminddb-1.13.1-1.fc42

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-1e497526c7 Packages in this update:
  • libmaxminddb-1.13.1-1.fc42
Update description: libmaxminddb 1.13.1
  • Re-release for Ubuntu PPA, no code changes.
libmaxminddb 1.13.0
  • MMDB_get_entry_data_list() now validates that the claimed array/map size is plausible given the remaining bytes in the data section. A crafted database could previously claim millions of array elements while only having a few bytes of data, causing disproportionate memory allocation (memory amplification DoS).
  • Fixed integer overflow in MMDB_read_node() and find_ipv4_start_node() pointer arithmetic. The node_number * record_length multiplication was performed in uint32_t, which could overflow for very large databases. Now cast to uint64_t before multiplying, matching the pattern already used in find_address_in_search_tree().
  • Fixed printf format specifier mismatches in mmdblookup's metadata dump. %i was used for unsigned types and %llu for uint64_t, which is technically undefined behavior. Now uses the portable PRIu32, PRIu16, and PRIu64 macros from <inttypes.h>.
  • Fixed an integer overflow in the search tree bounds check in find_address_in_search_tree(). The addition of node_count and data_section_size was performed in uint32_t arithmetic, which could wrap on very large databases, causing valid lookups to be incorrectly rejected as corrupt.
  • Fixed a NULL pointer dereference in mmdblookup when displaying metadata for a database with an out-of-range build_epoch. The gmtime() return value is now checked before passing to strftime().
  • MMDB_close() now NULLs the file_content, data_section, and metadata_section pointers and zeroes file_size, data_section_size, and metadata_section_size after unmapping. Previously, calling MMDB_close() twice on the same struct (or calling it after a failed MMDB_open() that succeeded at mapping) would double-munmap the file content, which is undefined behavior.
  • Fixed a stack buffer overflow in print_indentation() when MMDB_dump_entry_data_list() was called with a negative indent value. The negative integer was cast to size_t, producing a massive value passed to memset(). Negative indent values are now clamped to 0.
  • MMDB_lookup_string() now sets *mmdb_error to MMDB_SUCCESS when getaddrinfo fails (non-zero *gai_error). Previously, *mmdb_error was left uninitialized in this case, which could cause callers to read an indeterminate value.
  • Added a recursion depth limit to skip_map_or_array(), matching the existing MAXIMUM_DATA_STRUCTURE_DEPTH (512) limit already used by get_entry_data_list(). A crafted MMDB file with deeply nested maps or arrays could previously cause a stack overflow via unbounded recursion in the MMDB_aget_value / MMDB_get_value code path.
  • Fixed an off-by-one error in MMDB_read_node() that allowed reading one node past the end of the search tree when called with node_number == node_count. This caused the function to read from the data section separator and return an invalid record with an underflowed data offset. The check now correctly rejects node_number >= node_count.
  • The handling of float and double types was rewritten to fix compiler errors and to eliminate the use of volatile.
  • Improved endian preprocessor check if MMDB_LITTLE_ENDIAN is not set.

libmaxminddb-1.13.1-1.fc44

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-814fe58971 Packages in this update:
  • libmaxminddb-1.13.1-1.fc44
Update description: libmaxminddb 1.13.1
  • Re-release for Ubuntu PPA, no code changes.
libmaxminddb 1.13.0
  • MMDB_get_entry_data_list() now validates that the claimed array/map size is plausible given the remaining bytes in the data section. A crafted database could previously claim millions of array elements while only having a few bytes of data, causing disproportionate memory allocation (memory amplification DoS).
  • Fixed integer overflow in MMDB_read_node() and find_ipv4_start_node() pointer arithmetic. The node_number * record_length multiplication was performed in uint32_t, which could overflow for very large databases. Now cast to uint64_t before multiplying, matching the pattern already used in find_address_in_search_tree().
  • Fixed printf format specifier mismatches in mmdblookup's metadata dump. %i was used for unsigned types and %llu for uint64_t, which is technically undefined behavior. Now uses the portable PRIu32, PRIu16, and PRIu64 macros from <inttypes.h>.
  • Fixed an integer overflow in the search tree bounds check in find_address_in_search_tree(). The addition of node_count and data_section_size was performed in uint32_t arithmetic, which could wrap on very large databases, causing valid lookups to be incorrectly rejected as corrupt.
  • Fixed a NULL pointer dereference in mmdblookup when displaying metadata for a database with an out-of-range build_epoch. The gmtime() return value is now checked before passing to strftime().
  • MMDB_close() now NULLs the file_content, data_section, and metadata_section pointers and zeroes file_size, data_section_size, and metadata_section_size after unmapping. Previously, calling MMDB_close() twice on the same struct (or calling it after a failed MMDB_open() that succeeded at mapping) would double-munmap the file content, which is undefined behavior.
  • Fixed a stack buffer overflow in print_indentation() when MMDB_dump_entry_data_list() was called with a negative indent value. The negative integer was cast to size_t, producing a massive value passed to memset(). Negative indent values are now clamped to 0.
  • MMDB_lookup_string() now sets *mmdb_error to MMDB_SUCCESS when getaddrinfo fails (non-zero *gai_error). Previously, *mmdb_error was left uninitialized in this case, which could cause callers to read an indeterminate value.
  • Added a recursion depth limit to skip_map_or_array(), matching the existing MAXIMUM_DATA_STRUCTURE_DEPTH (512) limit already used by get_entry_data_list(). A crafted MMDB file with deeply nested maps or arrays could previously cause a stack overflow via unbounded recursion in the MMDB_aget_value / MMDB_get_value code path.
  • Fixed an off-by-one error in MMDB_read_node() that allowed reading one node past the end of the search tree when called with node_number == node_count. This caused the function to read from the data section separator and return an invalid record with an underflowed data offset. The check now correctly rejects node_number >= node_count.
  • The handling of float and double types was rewritten to fix compiler errors and to eliminate the use of volatile.
  • Improved endian preprocessor check if MMDB_LITTLE_ENDIAN is not set.

USN-8062-1: curl vulnerabilities

Ubuntu Security Advisories
1 week 5 days ago
It was discovered that curl incorrectly handled cookies when redirected from secure to insecure connections. An attacker could possibly use this issue to cause a denial of service, or obtain sensitive information. This issue only affected Ubuntu 25.10. (CVE-2025-9086) Calvin Ruocco discovered that curl did not properly handle WebSocket communications under certain circumstances. A malicious server could possibly use this issue to poison proxy caches with malicious content. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-10148) Stanislav Fort discovered that wcurl did not properly handle URLs with certain encoded characters. If a user were tricked into processing a specially crafted URL, an attacker could possibly use this issue to write files outside the intended directory. This issue only affected Ubuntu 25.10. (CVE-2025-11563) Stanislav Fort discovered that curl did not properly validate pinned public keys under certain circumstances. A remote attacker could possibly use this issue to perform a machine-in-the-middle attack. This issue only affected Ubuntu 25.10.(CVE-2025-13034) Stanislav Fort discovered that curl did not properly manage TLS options when performing LDAP over TLS transfers in multi-threaded environments. Under certain circumstances, certificate verification could be unintentionally and unknowingly disabled. (CVE-2025-14017) It was discovered that curl incorrectly handled Oauth2 bearer tokens when following redirects. A remote attacker could possibly use this issue to obtain authentication credentials. (CVE-2025-14524) Stanislav Fort discovered that curl did not properly validate TLS certificates when reusing connections. A remote attacker could possibly use this issue to bypass expected certificate verification. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-14819) Harry Sintonen discovered that curl did not properly validate SSH host keys when performing SSH-based file transfers. This issue could lead to unintended bypass of custom known_hosts file. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-15079) Harry Sintonen discovered that curl built with libssh did not properly handle authentication when performing SSH-based file transfers. This could result in unintended authentication operations. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-15224)

coturn-4.9.0-1.el10_2

Fedora Security Advisories
1 week 5 days ago
FEDORA-EPEL-2026-fcf962a7f1 Packages in this update:
  • coturn-4.9.0-1.el10_2
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

coturn-4.9.0-1.el10_3

Fedora Security Advisories
1 week 5 days ago
FEDORA-EPEL-2026-d588880428 Packages in this update:
  • coturn-4.9.0-1.el10_3
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

coturn-4.9.0-1.fc42

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-2a1aa1f57f Packages in this update:
  • coturn-4.9.0-1.fc42
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

coturn-4.9.0-1.fc44

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-379e214a37 Packages in this update:
  • coturn-4.9.0-1.fc44
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

coturn-4.9.0-1.el8

Fedora Security Advisories
1 week 5 days ago
FEDORA-EPEL-2026-5537969548 Packages in this update:
  • coturn-4.9.0-1.el8
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

coturn-4.9.0-1.el10_1

Fedora Security Advisories
1 week 5 days ago
FEDORA-EPEL-2026-4bec57d964 Packages in this update:
  • coturn-4.9.0-1.el10_1
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

coturn-4.9.0-1.el9

Fedora Security Advisories
1 week 5 days ago
FEDORA-EPEL-2026-524119fe6b Packages in this update:
  • coturn-4.9.0-1.el9
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

coturn-4.9.0-1.fc43

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-8cb5571ddc Packages in this update:
  • coturn-4.9.0-1.fc43
Update description: Coturn 4.9.0
  • Multiple security fixes
  • Fix to Web Admin password check
  • Cleanup of deprecated OpenSSL APIs
  • Fix for CVE-2026-27624: Bypass localhost and IP range block using IPv4-mapped IPv6

openbao-2.5.1-1.el8

Fedora Security Advisories
1 week 5 days ago
FEDORA-EPEL-2026-514cb99c8f Packages in this update:
  • openbao-2.5.1-1.el8
Update description:

Update to upstream 2.5.1 Also fixes CVE-2025-58189, CVE-2025-61723, CVE-2025-61725, CVE-2025-58183, CVE-2025-58185, CVE-2025-58188 on epel-8.

USN-8045-1: Ceph vulnerabilities

Ubuntu Security Advisories
1 week 5 days ago
Martin Schobert discovered that Ceph did not properly verify SSL certificates when using Pybind for secure mail connections, which could result in accepting invalid certificates. An attacker could possibly use this issue to perform an intermediary attack and access mail server credentials or message contents. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2024-31884) It was discovered that Ceph's RADOS Gateway (RGW) did not properly handle certain header parameters. An attacker could possibly use this issue to cause the RGW service to crash, leading to a denial of service. (CVE-2024-47866)

yt-dlp-2026.02.21-1.fc44

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-937e768833 Packages in this update:
  • yt-dlp-2026.02.21-1.fc44
Update description:
  • Update to 2026.02.21. Fixes rhbz#2441709.
  • Mitigates CVE-2026-26331 / GHSA-g3gw-q23r-pgqm (rhbz#2442244)
* Sat Feb 21 2026 Dominik 'Rathann' Mierzejewski <dominik@greysector.net> - 2026.02.04-2 - fix FTBFS with python 3.14.3

yt-dlp-2026.02.21-1.fc43

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-d86b88630b Packages in this update:
  • yt-dlp-2026.02.21-1.fc43
Update description:
  • Update to 2026.02.21. Fixes rhbz#2441709.
  • Mitigates CVE-2026-26331 / GHSA-g3gw-q23r-pgqm (rhbz#2442244)

yt-dlp-2026.02.21-1.fc42

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-7d3c7180c7 Packages in this update:
  • yt-dlp-2026.02.21-1.fc42
Update description:
  • Update to 2026.02.21. Fixes rhbz#2441709.
  • Mitigates CVE-2026-26331 / GHSA-g3gw-q23r-pgqm (rhbz#2442244)

USN-8052-2: Linux kernel (Xilinx) vulnerabilities

Ubuntu Security Advisories
1 week 5 days ago
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - DRBD Distributed Replicated Block Device drivers; - Network block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - FPGA Framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - Microchip PCI driver; - Intel Management Engine Interface driver; - PCI Endpoint Test driver; - TI TPS6594 PFSM driver; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - PCI subsystem; - Amlogic Meson DDR PMU; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Powercap sysfs driver; - PTP clock framework; - PWM drivers; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - Samsung SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - TCM subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - TSM Common Guest driver; - Virtio drivers; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - SMB network file system; - DRM display driver; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Memory Management; - Internal shared memory driver; - LZO compression library; - Mellanox drivers; - padata parallel execution mechanism; - Networking subsytem; - Bluetooth subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Network sockets; - UDP network protocol; - eXpress Data Path; - XFRM subsystem; - Digital Audio (PCM) driver; - Universal MIDI packet (UMP) support module; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - IPC subsystem; - Perf events; - Kernel exit() syscall; - IRQ subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - Hibernation control; - RCU subsystem; - Restartable seuqences system call mechanism; - Maple Tree data structure library; - Memory management; - KASAN memory debugging framework; - 802.1Q VLAN protocol; - 9P file system network protocol; - Appletalk network protocol; - Ethernet bridge; - CAN network layer; - Networking core; - Distributed Switch Architecture; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - MultiProtocol Label Switching driver; - Multipath TCP; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - RDS protocol; - Rose network layer; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA framework; - WCD audio codecs; - Intel ASoC drivers; - MediaTek ASoC drivers; - QCOM ASoC drivers; - SoC audio core drivers; - USB sound devices; - Virtio sound driver; - CPU Power monitoring subsystem; - KVM subsystem; (CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37954, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239, CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38560, CVE-2025-38562, CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946, CVE-2025-39989, CVE-2025-40215, CVE-2025-40297, CVE-2025-68750)

USN-8028-8: Linux kernel (IBM) vulnerabilities

Ubuntu Security Advisories
1 week 5 days ago
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - DRBD Distributed Replicated Block Device drivers; - Network block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Bus devices; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - FPGA Framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - HW tracing; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - IOMMU subsystem; - IRQ chip drivers; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - Microchip PCI driver; - Intel Management Engine Interface driver; - PCI Endpoint Test driver; - TI TPS6594 PFSM driver; - VMware VMCI Driver; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - PCI subsystem; - Amlogic Meson DDR PMU; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Powercap sysfs driver; - PTP clock framework; - PWM drivers; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - Samsung SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - TCM subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - TSM Common Guest driver; - Virtio drivers; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Overlay file system; - Proc file system; - SMB network file system; - DRM display driver; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Memory Management; - Internal shared memory driver; - LZO compression library; - Mellanox drivers; - padata parallel execution mechanism; - Networking subsytem; - Bluetooth subsystem; - Netfilter; - Network traffic control; - SCTP protocol; - Network sockets; - UDP network protocol; - eXpress Data Path; - XFRM subsystem; - Digital Audio (PCM) driver; - Universal MIDI packet (UMP) support module; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - IPC subsystem; - Perf events; - Kernel exit() syscall; - IRQ subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - Hibernation control; - RCU subsystem; - Restartable seuqences system call mechanism; - Maple Tree data structure library; - Memory management; - KASAN memory debugging framework; - 802.1Q VLAN protocol; - 9P file system network protocol; - Appletalk network protocol; - Ethernet bridge; - CAN network layer; - Networking core; - Distributed Switch Architecture; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - MultiProtocol Label Switching driver; - Multipath TCP; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - RDS protocol; - Rose network layer; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA framework; - WCD audio codecs; - Intel ASoC drivers; - MediaTek ASoC drivers; - QCOM ASoC drivers; - SoC audio core drivers; - USB sound devices; - Virtio sound driver; - CPU Power monitoring subsystem; - KVM subsystem; (CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22101, CVE-2025-22102, CVE-2025-22115, CVE-2025-22120, CVE-2025-22126, CVE-2025-22128, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37861, CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37954, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239, CVE-2025-38244, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38560, CVE-2025-38562, CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38630, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39889, CVE-2025-39890, CVE-2025-39946, CVE-2025-39989, CVE-2025-40215, CVE-2025-40297, CVE-2025-68750)

yt-dlp-2026.02.21-1.fc45

Fedora Security Advisories
1 week 5 days ago
FEDORA-2026-3d6da3d46f Packages in this update:
  • yt-dlp-2026.02.21-1.fc45
Update description:

Automatic update for yt-dlp-2026.02.21-1.fc45.

Changelog * Tue Feb 24 2026 Maxwell G <maxwell@gtmx.me> - 2026.02.21-1 - Update to 2026.02.21. Fixes rhbz#2441709. - Mitigates CVE-2026-26331 / GHSA-g3gw-q23r-pgqm (rhbz#2442244)