Aggregator

FEDORA-2026-a9c2a486a6 Packages in this update:

• openbao-2.5.2-1.fc43

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-EPEL-2026-0649f3a8b7 Packages in this update:

• openbao-2.5.2-1.el10_1

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-2026-fba501f889 Packages in this update:

• openbao-2.5.2-1.fc42

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-EPEL-2026-edf72f1c4c Packages in this update:

• openbao-2.5.2-1.el9

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-EPEL-2026-3ca530e604 Packages in this update:

• openbao-2.5.2-1.el10_3

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-EPEL-2026-573863831f Packages in this update:

• openbao-2.5.2-1.el10_2

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-2026-bb074cb239 Packages in this update:

• openbao-2.5.2-1.fc44

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-EPEL-2026-69cfe25adc Packages in this update:

• openbao-2.5.2-1.el8

Update description:

Update to upstream 2.5.2, including fixes for CVE-2026-33757 and CVE-2026-33758

FEDORA-2026-8db2f80244 Packages in this update:

• bind-9.18.47-1.fc45
• bind-dyndb-ldap-11.11-13.fc45

Update description: Update to 9.18.47 (rhbz#2440561) Security Fixes:

• Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. (CVE-2026-1519)

Source: https://downloads.isc.org/isc/bind9/9.18.47/doc/arm/html/notes.html#notes-for-bind-9-18-47

FEDORA-2026-01c20fe8ca Packages in this update:

• bind9-next-9.21.20-1.fc44

Update description: Update to 9.21.20 (rhbz#2440560) Security Fixes:

• Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. (CVE-2026-1519)
• Fix memory leaks in code preparing DNSSEC proofs of non-existence. (CVE-2026-3104)
• Prevent a crash in code processing queries containing a TKEY record. (CVE-2026-3119)
• Fix a stack use-after-return flaw in SIG(0) handling code. (CVE-2026-3591)

New Features:

• Provide response round-trip time (RTT) counters via statistics channel.
• Introduce max-delegation-servers configuration option.

Bug Fixes:

• Fix parsing key inactivation time in KASP code.
• Fix the handling of key statements defined inside views.

Update to 9.21.19 Security Fixes:

• Fix a use-after-free error in dns_client_resolve() triggered by a DNAME response.
• Fix a NULL pointer dereference in qp-trie cache code.
• Immediately remove purged ADB names and entries from the SIEVE list.

Feature Changes:

• Record query time for all dnstap responses.
• Optimize TCP source port selection on Linux.

and multiple bug fixes.

Update to 9.21.18 Feature Changes:

• Enable minimal ANY answers by default.
• Lowercase the NSEC Next Domain Name field.
• Update requirements for system test suite.

Bug Fixes:

• Make catalog zone names and member zones' entry names case-insensitive. [GL #5693]
• Fix implementation of BRID and HHIT record types. [GL #5710]
• Fix implementation of DSYNC record type. [GL #5711]
• Fix response policy and catalog zones to work with $INCLUDE directive.

Source: https://downloads.isc.org/isc/bind9/9.21.20/doc/arm/html/notes.html#notes-for-bind-9-21-20

FEDORA-2026-a6efefa854 Packages in this update:

• bind9-next-9.21.20-1.fc43

Update description: Update to 9.21.20 (rhbz#2440560) Security Fixes:

• Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. (CVE-2026-1519)
• Fix memory leaks in code preparing DNSSEC proofs of non-existence. (CVE-2026-3104)
• Prevent a crash in code processing queries containing a TKEY record. (CVE-2026-3119)
• Fix a stack use-after-return flaw in SIG(0) handling code. (CVE-2026-3591)

New Features:

• Provide response round-trip time (RTT) counters via statistics channel.
• Introduce max-delegation-servers configuration option.

Bug Fixes:

• Fix parsing key inactivation time in KASP code.
• Fix the handling of key statements defined inside views.

Update to 9.21.19 Security Fixes:

• Fix a use-after-free error in dns_client_resolve() triggered by a DNAME response.
• Fix a NULL pointer dereference in qp-trie cache code.
• Immediately remove purged ADB names and entries from the SIEVE list.

Feature Changes:

• Record query time for all dnstap responses.
• Optimize TCP source port selection on Linux.

and multiple bug fixes.

Update to 9.21.18 Feature Changes:

• Enable minimal ANY answers by default.
• Lowercase the NSEC Next Domain Name field.
• Update requirements for system test suite.

Bug Fixes:

• Make catalog zone names and member zones' entry names case-insensitive. [GL #5693]
• Fix implementation of BRID and HHIT record types. [GL #5710]
• Fix implementation of DSYNC record type. [GL #5711]
• Fix response policy and catalog zones to work with $INCLUDE directive.

Source: https://downloads.isc.org/isc/bind9/9.21.20/doc/arm/html/notes.html#notes-for-bind-9-21-20

FEDORA-2026-bcc66a29da Packages in this update:

• bind9-next-9.21.20-1.fc42

Update description: Update to 9.21.20 (rhbz#2440560) Security Fixes:

• Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. (CVE-2026-1519)
• Fix memory leaks in code preparing DNSSEC proofs of non-existence. (CVE-2026-3104)
• Prevent a crash in code processing queries containing a TKEY record. (CVE-2026-3119)
• Fix a stack use-after-return flaw in SIG(0) handling code. (CVE-2026-3591)

New Features:

• Provide response round-trip time (RTT) counters via statistics channel.
• Introduce max-delegation-servers configuration option.

Bug Fixes:

• Fix parsing key inactivation time in KASP code.
• Fix the handling of key statements defined inside views.

Update to 9.21.19 Security Fixes:

• Fix a use-after-free error in dns_client_resolve() triggered by a DNAME response.
• Fix a NULL pointer dereference in qp-trie cache code.
• Immediately remove purged ADB names and entries from the SIEVE list.

Feature Changes:

• Record query time for all dnstap responses.
• Optimize TCP source port selection on Linux.

and multiple bug fixes.

Update to 9.21.18 Feature Changes:

• Enable minimal ANY answers by default.
• Lowercase the NSEC Next Domain Name field.
• Update requirements for system test suite.

Bug Fixes:

• Make catalog zone names and member zones' entry names case-insensitive. [GL #5693]
• Fix implementation of BRID and HHIT record types. [GL #5710]
• Fix implementation of DSYNC record type. [GL #5711]
• Fix response policy and catalog zones to work with $INCLUDE directive.

Source: https://downloads.isc.org/isc/bind9/9.21.20/doc/arm/html/notes.html#notes-for-bind-9-21-20

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to expose sensitive information. (CVE-2024-36350, CVE-2024-36357) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Xtensa architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - ATM drivers; - Drivers core; - ATA over ethernet (AOE) driver; - DRBD Distributed Replicated Block Device drivers; - Block device driver; - Network block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Bus devices; - Hardware random number generator core; - Character device driver; - TPM device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - EDAC drivers; - Arm Firmware Framework for ARMv8-A(FFA); - ARM SCMI message protocol; - EFI core; - Intel Stratix 10 firmware drivers; - FPGA Framework; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - CoreSight HW tracing drivers; - I2C subsystem; - I3C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - Input Device (Tablet) drivers; - IOMMU subsystem; - IRQ chip drivers; - ISDN/mISDN subsystem; - Mailbox framework; - MCB driver; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - Fastrpc Driver; - Microchip PCI driver; - Intel Management Engine Interface driver; - PCI Endpoint Test driver; - TI TPS6594 PFSM driver; - VMware VMCI Driver; - MMC subsystem; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Texas Instruments network drivers; - Ethernet team driver; - MediaTek network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - PCI subsystem; - PCCARD (PCMCIA/CardBus) bus subsystem; - Amlogic Meson DDR PMU; - Performance monitor drivers; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - ARM PM domains; - Power supply drivers; - Powercap sysfs driver; - PPS (Pulse Per Second) driver; - PTP clock framework; - PWM drivers; - RapidIO drivers; - Voltage and Current Regulator drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - ASPEED SoC drivers; - QCOM SoC drivers; - Samsung SoC drivers; - Texas Instruments SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - TCM subsystem; - Trusted Execution Environment drivers; - Thunderbolt and USB4 drivers; - TTY drivers; - UFS subsystem; - Userspace I/O drivers; - Cadence USB3 driver; - ChipIdea USB driver; - USB Device Class drivers; - USB core drivers; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - USB Type-C support driver; - USB Type-C Connector System Software Interface driver; - VFIO drivers; - Virtio Host (VHOST) subsystem; - Backlight driver; - Framebuffer layer; - TSM Common Guest driver; - Virtio drivers; - Xen hypervisor drivers; - AFS file system; - File systems infrastructure; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - GFS2 file system; - HFS file system; - HFS+ file system; - HugeTLB file system; - Journaling layer for block devices (JBD2); - JFFS2 file system; - JFS file system; - KERNFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - OrangeFS file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - SquashFS file system; - UDF file system; - XFS file system; - DRM display driver; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Memory Management; - Internal shared memory driver; - LZO compression library; - Mellanox drivers; - NFS page cache wrapper; - padata parallel execution mechanism; - Memory management; - Networking subsytem; - Media input infrastructure; - Bluetooth subsystem; - IP tunnels definitions; - Netfilter; - Network traffic control; - Rose network layer; - SCTP protocol; - Network sockets; - UDP network protocol; - eXpress Data Path; - XFRM subsystem; - Digital Audio (PCM) driver; - Universal MIDI packet (UMP) support module; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - IPC subsystem; - Control group (cgroup); - Kernel crash support code; - Perf events; - Kernel exit() syscall; - Kernel futex primitives; - IRQ subsystem; - Padata parallel execution mechanism; - Kernel command line parsing driver; - PID allocator; - Hibernation control; - RCU subsystem; - Restartable seuqences system call mechanism; - Scheduler infrastructure; - Syscalls implementation; - Timer subsystem; - Maple Tree data structure library; - KASAN memory debugging framework; - 802.1Q VLAN protocol; - 9P file system network protocol; - Appletalk network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - CAN network layer; - Ceph Core library; - Networking core; - Devlink API; - Distributed Switch Architecture; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - MultiProtocol Label Switching driver; - Multipath TCP; - NetLabel subsystem; - Netlink; - NFC subsystem; - Open vSwitch; - RDS protocol; - RF switch subsystem; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - Integrity Measurement Architecture(IMA) framework; - ALSA framework; - WCD audio codecs; - Intel ASoC drivers; - MediaTek ASoC drivers; - QCOM ASoC drivers; - SoC audio core drivers; - USB sound devices; - Virtio sound driver; - CPU Power monitoring subsystem; - KVM subsystem; (CVE-2025-21833, CVE-2025-21884, CVE-2025-21931, CVE-2025-22026, CVE-2025-22037, CVE-2025-22101, CVE-2025-22102, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107, CVE-2025-22113, CVE-2025-22115, CVE-2025-22120, CVE-2025-22121, CVE-2025-22124, CVE-2025-22125, CVE-2025-22126, CVE-2025-22128, CVE-2025-23129, CVE-2025-23130, CVE-2025-23133, CVE-2025-23140, CVE-2025-23141, CVE-2025-23142, CVE-2025-23143, CVE-2025-23144, CVE-2025-23145, CVE-2025-23146, CVE-2025-23147, CVE-2025-23148, CVE-2025-23149, CVE-2025-23150, CVE-2025-23151, CVE-2025-23155, CVE-2025-23156, CVE-2025-23157, CVE-2025-23158, CVE-2025-23159, CVE-2025-23160, CVE-2025-23161, CVE-2025-23163, CVE-2025-37738, CVE-2025-37739, CVE-2025-37740, CVE-2025-37741, CVE-2025-37742, CVE-2025-37744, CVE-2025-37745, CVE-2025-37748, CVE-2025-37749, CVE-2025-37754, CVE-2025-37755, CVE-2025-37757, CVE-2025-37758, CVE-2025-37759, CVE-2025-37761, CVE-2025-37763, CVE-2025-37764, CVE-2025-37765, CVE-2025-37766, CVE-2025-37767, CVE-2025-37768, CVE-2025-37769, CVE-2025-37770, CVE-2025-37771, CVE-2025-37772, CVE-2025-37773, CVE-2025-37775, CVE-2025-37777, CVE-2025-37778, CVE-2025-37780, CVE-2025-37781, CVE-2025-37784, CVE-2025-37786, CVE-2025-37787, CVE-2025-37788, CVE-2025-37789, CVE-2025-37790, CVE-2025-37792, CVE-2025-37793, CVE-2025-37794, CVE-2025-37796, CVE-2025-37799, CVE-2025-37800, CVE-2025-37801, CVE-2025-37803, CVE-2025-37805, CVE-2025-37808, CVE-2025-37809, CVE-2025-37810, CVE-2025-37811, CVE-2025-37812, CVE-2025-37813, CVE-2025-37815, CVE-2025-37816, CVE-2025-37817, CVE-2025-37819, CVE-2025-37820, CVE-2025-37822, CVE-2025-37823, CVE-2025-37824, CVE-2025-37826, CVE-2025-37827, CVE-2025-37828, CVE-2025-37829, CVE-2025-37830, CVE-2025-37831, CVE-2025-37836, CVE-2025-37839, CVE-2025-37840, CVE-2025-37841, CVE-2025-37842, CVE-2025-37844, CVE-2025-37846, CVE-2025-37849, CVE-2025-37850, CVE-2025-37851, CVE-2025-37852, CVE-2025-37853, CVE-2025-37854, CVE-2025-37856, CVE-2025-37857, CVE-2025-37858, CVE-2025-37859, CVE-2025-37860, CVE-2025-37861, CVE-2025-37862, CVE-2025-37863, CVE-2025-37864, CVE-2025-37865, CVE-2025-37867, CVE-2025-37869, CVE-2025-37871, CVE-2025-37872, CVE-2025-37873, CVE-2025-37874, CVE-2025-37875, CVE-2025-37878, CVE-2025-37879, CVE-2025-37881, CVE-2025-37883, CVE-2025-37884, CVE-2025-37885, CVE-2025-37886, CVE-2025-37887, CVE-2025-37891, CVE-2025-37892, CVE-2025-37897, CVE-2025-37899, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37909, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37925, CVE-2025-37927, CVE-2025-37928, CVE-2025-37930, CVE-2025-37931, CVE-2025-37933, CVE-2025-37935, CVE-2025-37936, CVE-2025-37938, CVE-2025-37940, CVE-2025-37943, CVE-2025-37944, CVE-2025-37945, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37956, CVE-2025-37957, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37972, CVE-2025-37973, CVE-2025-37975, CVE-2025-37977, CVE-2025-37978, CVE-2025-37979, CVE-2025-37980, CVE-2025-37982, CVE-2025-37983, CVE-2025-37984, CVE-2025-37985, CVE-2025-37986, CVE-2025-37987, CVE-2025-37988, CVE-2025-37989, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37994, CVE-2025-37995, CVE-2025-37998, CVE-2025-38003, CVE-2025-38004, CVE-2025-38005, CVE-2025-38006, CVE-2025-38007, CVE-2025-38008, CVE-2025-38009, CVE-2025-38010, CVE-2025-38011, CVE-2025-38013, CVE-2025-38014, CVE-2025-38015, CVE-2025-38018, CVE-2025-38019, CVE-2025-38020, CVE-2025-38023, CVE-2025-38024, CVE-2025-38027, CVE-2025-38031, CVE-2025-38034, CVE-2025-38035, CVE-2025-38037, CVE-2025-38039, CVE-2025-38040, CVE-2025-38043, CVE-2025-38044, CVE-2025-38045, CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38053, CVE-2025-38055, CVE-2025-38057, CVE-2025-38058, CVE-2025-38059, CVE-2025-38060, CVE-2025-38061, CVE-2025-38062, CVE-2025-38063, CVE-2025-38065, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38071, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078, CVE-2025-38079, CVE-2025-38080, CVE-2025-38081, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38094, CVE-2025-38095, CVE-2025-38097, CVE-2025-38098, CVE-2025-38099, CVE-2025-38100, CVE-2025-38101, CVE-2025-38102, CVE-2025-38103, CVE-2025-38104, CVE-2025-38105, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38125, CVE-2025-38126, CVE-2025-38127, CVE-2025-38129, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38156, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38162, CVE-2025-38163, CVE-2025-38164, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38169, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38210, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38229, CVE-2025-38230, CVE-2025-38231, CVE-2025-38232, CVE-2025-38236, CVE-2025-38239, CVE-2025-38245, CVE-2025-38246, CVE-2025-38248, CVE-2025-38249, CVE-2025-38250, CVE-2025-38251, CVE-2025-38253, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38264, CVE-2025-38265, CVE-2025-38269, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38279, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38289, CVE-2025-38290, CVE-2025-38292, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38299, CVE-2025-38300, CVE-2025-38303, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38322, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38333, CVE-2025-38334, CVE-2025-38335, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38351, CVE-2025-38354, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38499, CVE-2025-38501, CVE-2025-38502, CVE-2025-38503, CVE-2025-38506, CVE-2025-38507, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38546, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38556, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38566, CVE-2025-38568, CVE-2025-38569, CVE-2025-38571, CVE-2025-38572, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38587, CVE-2025-38588, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38614, CVE-2025-38615, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38627, CVE-2025-38630, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38643, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38659, CVE-2025-38660, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38709, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38718, CVE-2025-38721, CVE-2025-38722, CVE-2025-38724, CVE-2025-38725, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38732, CVE-2025-38734, CVE-2025-38735, CVE-2025-39673, CVE-2025-39675, CVE-2025-39676, CVE-2025-39678, CVE-2025-39679, CVE-2025-39681, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39697, CVE-2025-39698, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39724, CVE-2025-39726, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39752, CVE-2025-39753, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39766, CVE-2025-39770, CVE-2025-39772, CVE-2025-39773, CVE-2025-39776, CVE-2025-39779, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39794, CVE-2025-39795, CVE-2025-39797, CVE-2025-39798, CVE-2025-39800, CVE-2025-39801, CVE-2025-39805, CVE-2025-39806, CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811, CVE-2025-39812, CVE-2025-39813, CVE-2025-39815, CVE-2025-39817, CVE-2025-39819, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829, CVE-2025-39832, CVE-2025-39835, CVE-2025-39836, CVE-2025-39838, CVE-2025-39839, CVE-2025-39841, CVE-2025-39842, CVE-2025-39843, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39851, CVE-2025-39852, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39866, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39876, CVE-2025-39877, CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885, CVE-2025-39886, CVE-2025-39889, CVE-2025-39890, CVE-2025-39891, CVE-2025-39894, CVE-2025-39895, CVE-2025-39897, CVE-2025-39899, CVE-2025-39901, CVE-2025-39902, CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913, CVE-2025-39914, CVE-2025-39916, CVE-2025-39920, CVE-2025-39923, CVE-2025-39927, CVE-2025-39929, CVE-2025-39931, CVE-2025-39932, CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940, CVE-2025-39942, CVE-2025-39943, CVE-2025-39944, CVE-2025-39945, CVE-2025-39946, CVE-2025-39947, CVE-2025-39948, CVE-2025-39949, CVE-2025-39950, CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955, CVE-2025-39957, CVE-2025-39961, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978, CVE-2025-39980, CVE-2025-39981, CVE-2025-39982, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39989, CVE-2025-39991, CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40000, CVE-2025-40001, CVE-2025-40006, CVE-2025-40008, CVE-2025-40009, CVE-2025-40010, CVE-2025-40011, CVE-2025-40013, CVE-2025-40016, CVE-2025-40019, CVE-2025-40020, CVE-2025-40021, CVE-2025-40024, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40051, CVE-2025-40052, CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40067, CVE-2025-40068, CVE-2025-40070, CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080, CVE-2025-40081, CVE-2025-40083, CVE-2025-40084, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134, CVE-2025-40137, CVE-2025-40140, CVE-2025-40141, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40159, CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40169, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192, CVE-2025-40193, CVE-2025-40194, CVE-2025-40196, CVE-2025-40198, CVE-2025-40200, CVE-2025-40201, CVE-2025-40202, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40215, CVE-2025-40218, CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40223, CVE-2025-40226, CVE-2025-40231, CVE-2025-40233, CVE-2025-40235, CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40266, CVE-2025-40268, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40297, CVE-2025-40301, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40328, CVE-2025-40329, CVE-2025-40331, CVE-2025-40333, CVE-2025-40337, CVE-2025-40339, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40353, CVE-2025-40358, CVE-2025-40360, CVE-2025-40363, CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68198, CVE-2025-68200, CVE-2025-68201, CVE-2025-68204, CVE-2025-68208, CVE-2025-68213, CVE-2025-68214, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222, CVE-2025-68223, CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68249, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68307, CVE-2025-68308, CVE-2025-68310, CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320, CVE-2025-68321, CVE-2025-68322, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68339, CVE-2025-68340, CVE-2025-68342, CVE-2025-68343, CVE-2025-68734, CVE-2025-68750)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; - S390 architecture; - Sun Sparc architecture; - User-Mode Linux (UML); - x86 architecture; - Xtensa architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ACPI drivers; - ATM drivers; - Drivers core; - Block device driver; - Network block device driver; - Bluetooth drivers; - Bus devices; - Hardware random number generator core; - Character device driver; - Data acquisition framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Device frequency scaling framework; - DMA engine subsystem; - ARM SCMI message protocol; - EFI core; - Intel Stratix 10 firmware drivers; - GPU drivers; - HID subsystem; - CoreSight HW tracing drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Miscellaneous) drivers; - Input Device (Tablet) drivers; - IOMMU subsystem; - ISDN/mISDN subsystem; - Mailbox framework; - Multiple devices driver; - Media drivers; - Fastrpc Driver; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - STMicroelectronics network drivers; - Texas Instruments network drivers; - Ethernet team driver; - NVME drivers; - PCI subsystem; - PCCARD (PCMCIA/CardBus) bus subsystem; - Performance monitor drivers; - Pin controllers subsystem; - x86 platform drivers; - ARM PM domains; - PPS (Pulse Per Second) driver; - PTP clock framework; - PWM drivers; - Remote Processor subsystem; - S/390 drivers; - SCSI subsystem; - Texas Instruments SoC drivers; - TCM subsystem; - Trusted Execution Environment drivers; - TTY drivers; - Userspace I/O drivers; - Cadence USB3 driver; - DesignWare USB3 driver; - USB Gadget drivers; - USB Host Controller drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - Virtio Host (VHOST) subsystem; - Framebuffer layer; - Xen hypervisor drivers; - AFS file system; - BTRFS file system; - Ceph distributed file system; - File systems infrastructure; - EFI Variable file system; - exFAT file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - GFS2 file system; - HFS file system; - HFS+ file system; - HugeTLB file system; - JFS file system; - KERNFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - OrangeFS file system; - Proc file system; - Diskquota system; - SMB network file system; - SquashFS file system; - UDF file system; - XFS file system; - Asynchronous Transfer Mode (ATM) subsystem; - BPF subsystem; - Mellanox drivers; - NFS page cache wrapper; - Memory management; - Memory Management; - Media input infrastructure; - Bluetooth subsystem; - IP tunnels definitions; - Network traffic control; - Rose network layer; - Network sockets; - io_uring subsystem; - Control group (cgroup); - Kernel crash support code; - Kernel futex primitives; - PID allocator; - Scheduler infrastructure; - Syscalls implementation; - Timer subsystem; - Tracing infrastructure; - 9P file system network protocol; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Ceph Core library; - Networking core; - Devlink API; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - Open vSwitch; - RF switch subsystem; - SCTP protocol; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - Integrity Measurement Architecture(IMA) framework; - Intel ASoC drivers; - QCOM ASoC drivers; - USB sound devices; (CVE-2025-21833, CVE-2025-22037, CVE-2025-22103, CVE-2025-22105, CVE-2025-22106, CVE-2025-22107, CVE-2025-22113, CVE-2025-22121, CVE-2025-22124, CVE-2025-22125, CVE-2025-23129, CVE-2025-23130, CVE-2025-23133, CVE-2025-23143, CVE-2025-37860, CVE-2025-37899, CVE-2025-38105, CVE-2025-38502, CVE-2025-38556, CVE-2025-38627, CVE-2025-38643, CVE-2025-38709, CVE-2025-39678, CVE-2025-39697, CVE-2025-39805, CVE-2025-39806, CVE-2025-39807, CVE-2025-39808, CVE-2025-39810, CVE-2025-39811, CVE-2025-39812, CVE-2025-39813, CVE-2025-39815, CVE-2025-39817, CVE-2025-39819, CVE-2025-39823, CVE-2025-39824, CVE-2025-39825, CVE-2025-39826, CVE-2025-39827, CVE-2025-39828, CVE-2025-39829, CVE-2025-39832, CVE-2025-39835, CVE-2025-39836, CVE-2025-39838, CVE-2025-39839, CVE-2025-39841, CVE-2025-39842, CVE-2025-39843, CVE-2025-39844, CVE-2025-39845, CVE-2025-39846, CVE-2025-39847, CVE-2025-39848, CVE-2025-39849, CVE-2025-39850, CVE-2025-39851, CVE-2025-39852, CVE-2025-39853, CVE-2025-39854, CVE-2025-39857, CVE-2025-39860, CVE-2025-39861, CVE-2025-39863, CVE-2025-39864, CVE-2025-39865, CVE-2025-39866, CVE-2025-39869, CVE-2025-39870, CVE-2025-39871, CVE-2025-39873, CVE-2025-39876, CVE-2025-39877, CVE-2025-39880, CVE-2025-39881, CVE-2025-39883, CVE-2025-39885, CVE-2025-39886, CVE-2025-39891, CVE-2025-39894, CVE-2025-39895, CVE-2025-39897, CVE-2025-39899, CVE-2025-39901, CVE-2025-39902, CVE-2025-39907, CVE-2025-39909, CVE-2025-39911, CVE-2025-39913, CVE-2025-39914, CVE-2025-39916, CVE-2025-39920, CVE-2025-39923, CVE-2025-39927, CVE-2025-39929, CVE-2025-39931, CVE-2025-39932, CVE-2025-39934, CVE-2025-39937, CVE-2025-39938, CVE-2025-39940, CVE-2025-39942, CVE-2025-39943, CVE-2025-39944, CVE-2025-39945, CVE-2025-39947, CVE-2025-39948, CVE-2025-39949, CVE-2025-39950, CVE-2025-39951, CVE-2025-39952, CVE-2025-39953, CVE-2025-39955, CVE-2025-39957, CVE-2025-39961, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39969, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39977, CVE-2025-39978, CVE-2025-39980, CVE-2025-39981, CVE-2025-39982, CVE-2025-39985, CVE-2025-39986, CVE-2025-39987, CVE-2025-39988, CVE-2025-39991, CVE-2025-39992, CVE-2025-39994, CVE-2025-39995, CVE-2025-39996, CVE-2025-39998, CVE-2025-40000, CVE-2025-40001, CVE-2025-40006, CVE-2025-40008, CVE-2025-40009, CVE-2025-40010, CVE-2025-40011, CVE-2025-40013, CVE-2025-40016, CVE-2025-40020, CVE-2025-40021, CVE-2025-40024, CVE-2025-40026, CVE-2025-40027, CVE-2025-40029, CVE-2025-40030, CVE-2025-40031, CVE-2025-40032, CVE-2025-40033, CVE-2025-40035, CVE-2025-40036, CVE-2025-40037, CVE-2025-40038, CVE-2025-40042, CVE-2025-40043, CVE-2025-40044, CVE-2025-40047, CVE-2025-40048, CVE-2025-40049, CVE-2025-40051, CVE-2025-40052, CVE-2025-40053, CVE-2025-40055, CVE-2025-40056, CVE-2025-40057, CVE-2025-40058, CVE-2025-40059, CVE-2025-40060, CVE-2025-40061, CVE-2025-40062, CVE-2025-40067, CVE-2025-40068, CVE-2025-40070, CVE-2025-40071, CVE-2025-40077, CVE-2025-40078, CVE-2025-40079, CVE-2025-40080, CVE-2025-40081, CVE-2025-40083, CVE-2025-40084, CVE-2025-40085, CVE-2025-40087, CVE-2025-40088, CVE-2025-40092, CVE-2025-40093, CVE-2025-40094, CVE-2025-40095, CVE-2025-40096, CVE-2025-40099, CVE-2025-40100, CVE-2025-40101, CVE-2025-40103, CVE-2025-40104, CVE-2025-40105, CVE-2025-40106, CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40112, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40123, CVE-2025-40124, CVE-2025-40125, CVE-2025-40126, CVE-2025-40127, CVE-2025-40129, CVE-2025-40134, CVE-2025-40137, CVE-2025-40140, CVE-2025-40141, CVE-2025-40153, CVE-2025-40154, CVE-2025-40155, CVE-2025-40156, CVE-2025-40159, CVE-2025-40160, CVE-2025-40165, CVE-2025-40166, CVE-2025-40167, CVE-2025-40169, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40178, CVE-2025-40179, CVE-2025-40180, CVE-2025-40183, CVE-2025-40187, CVE-2025-40188, CVE-2025-40192, CVE-2025-40193, CVE-2025-40194, CVE-2025-40196, CVE-2025-40198, CVE-2025-40200, CVE-2025-40201, CVE-2025-40202, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207, CVE-2025-40211, CVE-2025-40218, CVE-2025-40219, CVE-2025-40220, CVE-2025-40221, CVE-2025-40223, CVE-2025-40226, CVE-2025-40231, CVE-2025-40233, CVE-2025-40235, CVE-2025-40237, CVE-2025-40238, CVE-2025-40240, CVE-2025-40242, CVE-2025-40243, CVE-2025-40244, CVE-2025-40245, CVE-2025-40248, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40266, CVE-2025-40268, CVE-2025-40269, CVE-2025-40271, CVE-2025-40272, CVE-2025-40273, CVE-2025-40275, CVE-2025-40277, CVE-2025-40278, CVE-2025-40279, CVE-2025-40280, CVE-2025-40281, CVE-2025-40282, CVE-2025-40283, CVE-2025-40284, CVE-2025-40285, CVE-2025-40286, CVE-2025-40287, CVE-2025-40288, CVE-2025-40289, CVE-2025-40292, CVE-2025-40293, CVE-2025-40294, CVE-2025-40301, CVE-2025-40303, CVE-2025-40304, CVE-2025-40305, CVE-2025-40306, CVE-2025-40307, CVE-2025-40308, CVE-2025-40309, CVE-2025-40310, CVE-2025-40311, CVE-2025-40312, CVE-2025-40313, CVE-2025-40314, CVE-2025-40315, CVE-2025-40317, CVE-2025-40318, CVE-2025-40319, CVE-2025-40320, CVE-2025-40321, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40328, CVE-2025-40329, CVE-2025-40331, CVE-2025-40333, CVE-2025-40337, CVE-2025-40339, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40347, CVE-2025-40349, CVE-2025-40350, CVE-2025-40351, CVE-2025-40353, CVE-2025-40358, CVE-2025-40360, CVE-2025-40363, CVE-2025-68168, CVE-2025-68171, CVE-2025-68172, CVE-2025-68173, CVE-2025-68176, CVE-2025-68177, CVE-2025-68178, CVE-2025-68179, CVE-2025-68180, CVE-2025-68183, CVE-2025-68184, CVE-2025-68185, CVE-2025-68190, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68198, CVE-2025-68200, CVE-2025-68201, CVE-2025-68204, CVE-2025-68208, CVE-2025-68213, CVE-2025-68214, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68222, CVE-2025-68223, CVE-2025-68227, CVE-2025-68229, CVE-2025-68231, CVE-2025-68233, CVE-2025-68235, CVE-2025-68237, CVE-2025-68238, CVE-2025-68241, CVE-2025-68244, CVE-2025-68245, CVE-2025-68246, CVE-2025-68249, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68295, CVE-2025-68297, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68305, CVE-2025-68307, CVE-2025-68308, CVE-2025-68310, CVE-2025-68311, CVE-2025-68312, CVE-2025-68313, CVE-2025-68315, CVE-2025-68320, CVE-2025-68321, CVE-2025-68322, CVE-2025-68327, CVE-2025-68328, CVE-2025-68330, CVE-2025-68331, CVE-2025-68339, CVE-2025-68340, CVE-2025-68342, CVE-2025-68343, CVE-2025-68734)

FEDORA-2026-4de4d247a0 Packages in this update:

• nginx-1.28.3-1.fc44
• nginx-mod-brotli-1.0.0~rc-7.fc44
• nginx-mod-fancyindex-0.6.0-2.fc44
• nginx-mod-headers-more-0.39-7.fc44
• nginx-mod-modsecurity-1.0.4-8.fc44
• nginx-mod-naxsi-1.6-15.fc44
• nginx-mod-vts-0.2.4-7.fc44

Update description:

nginx-mod-brotli:

• Rebuild for 1.28.3

nginx-mod-fancyindex:

• Rebuild for 1.28.3

nginx-mod-naxsi:

• Rebuild for 1.28.3

nginx-mod-headers-more:

• Rebuild for 1.28.3

nginx-mod-vts:

• Rebuild for 1.28.3

nginx-mod-modsecurity:

• Rebuild for 1.28.3

nginx:

• Update to 1.28.3
• fixes CVE-2026-27654, CVE-2026-27784, CVE-2026-32647, CVE-2026-27651, CVE-2026-28753, CVE-2026-28755

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causing loss of confidentiality and integrity. (CVE-2025-62626) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ATM drivers; - Network block device driver; - Bluetooth drivers; - Data acquisition framework and drivers; - Hardware crypto device drivers; - Device frequency scaling framework; - Intel Stratix 10 firmware drivers; - GPIO subsystem; - GPU drivers; - Microsoft Hyper-V drivers; - CoreSight HW tracing drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Input Device (Tablet) drivers; - IOMMU subsystem; - IRQ chip drivers; - Macintosh device drivers; - Multiple devices driver; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Texas Instruments network drivers; - Ethernet team driver; - MediaTek network drivers; - NVME drivers; - Pin controllers subsystem; - x86 platform drivers; - Voltage and Current Regulator drivers; - Real Time Clock drivers; - S/390 drivers; - SCSI subsystem; - Texas Instruments SoC drivers; - SPI subsystem; - Media Oriented Systems Transport (MOST) driver; - Realtek RTL8723BS SDIO drivers; - TCM subsystem; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - USB Type-C Connector System Software Interface driver; - Backlight driver; - Framebuffer layer; - AFS file system; - BFS file system; - BTRFS file system; - EROFS file system; - Ext4 file system; - FAT file system; - GFS2 file system; - Journaling layer for block devices (JBD2); - File systems infrastructure; - Network file system (NFS) client; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - XFS file system; - BPF subsystem; - MediaTek SoC drivers; - Bluetooth subsystem; - io_uring subsystem; - Locking primitives; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Kexec HandOver (KHO); - Memory management; - Ceph Core library; - Networking core; - Devlink API; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Open vSwitch; - Network traffic control; - VMware vSockets driver; - eXpress Data Path; - Integrity Measurement Architecture(IMA) framework; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - HD-audio driver; - Turtle Beach Wavefront ALSA driver; - SoundWire (SDCA) ASoC drivers; (CVE-2025-40246, CVE-2025-40247, CVE-2025-40248, CVE-2025-40249, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40255, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40260, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40265, CVE-2025-40266, CVE-2025-40290, CVE-2025-40345, CVE-2025-68212, CVE-2025-68213, CVE-2025-68214, CVE-2025-68215, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68221, CVE-2025-68222, CVE-2025-68223, CVE-2025-68225, CVE-2025-68227, CVE-2025-68228, CVE-2025-68229, CVE-2025-68230, CVE-2025-68231, CVE-2025-68232, CVE-2025-68233, CVE-2025-68234, CVE-2025-68235, CVE-2025-68236, CVE-2025-68237, CVE-2025-68238, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68262, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68281, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68292, CVE-2025-68293, CVE-2025-68294, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68298, CVE-2025-68299, CVE-2025-68300, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68304, CVE-2025-68305, CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68323, CVE-2025-68324, CVE-2025-68325, CVE-2025-68326, CVE-2025-68327, CVE-2025-68328, CVE-2025-68329, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68333, CVE-2025-68334, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68338, CVE-2025-68339, CVE-2025-68340, CVE-2025-68341, CVE-2025-68342, CVE-2025-68343, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68348, CVE-2025-68349, CVE-2025-68352, CVE-2025-68354, CVE-2025-68356, CVE-2025-68358, CVE-2025-68359, CVE-2025-68360, CVE-2025-68361, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68369, CVE-2025-68370, CVE-2025-68371, CVE-2025-68372, CVE-2025-68373, CVE-2025-68374, CVE-2025-68375, CVE-2025-68376, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68726, CVE-2025-68727, CVE-2025-68728, CVE-2025-68729, CVE-2025-68730, CVE-2025-68732, CVE-2025-68733, CVE-2025-68735, CVE-2025-68738, CVE-2025-68739, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68743, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68748, CVE-2025-68749, CVE-2025-68751, CVE-2025-68752, CVE-2025-68753, CVE-2025-68754, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68760, CVE-2025-68762, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-71128)

Version:next-20260325 (linux-next) Released:2026-03-25

Samy Medjahed discovered that Bind incorrectly handled insecure delegation validation. A remote attacker could possibly use this issue to cause excessive NSEC3 iterations, consuming CPU resources, and leading to a denial of service. (CVE-2026-1519) Vitaly Simonovich discovered that Bind incorrectly handled memory when preparing DNSSEC proofs of non-existence. A remote attacker could possibly use this issue to cause memory consumption, leading to a denial of service. This issue only affected Ubuntu 25.10. (CVE-2026-3104) Vitaly Simonovich discovered that Bind incorrectly handled authenticated queries containing TKEY records. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 25.10. (CVE-2026-3119) It was discovered that Bind incorrectly handled DNS queries signed with SIG(0). A remote attacker could possibly use this issue to bypass ACLs. This issue only affected Ubuntu 25.10. (CVE-2026-3591)

It was discovered that Mbed TLS incorrectly handled memory allocation failures. A remote attacker could possibly use this issue to crash the program. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-44732) Jonathan Winzig discovered that Mbed TLS incorrectly handled crafted inputs. A remote attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS. (CVE-2024-23775) It was discovered that Mbed TLS incorrectly handled the TLS handshake. A remote attacker could possibly use this issue to break the security guarantees of the TLS handshake. (CVE-2025-27810) Linh Le and Ngan Nguyen discovered that Mbed TLS incorrectly documented the behavior of a function. Application code relying on the documented behavior might be affected. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2025-47917) Linh Le and Ngan Nguyen discovered that Mbed TLS incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2025-48965) It was discovered that Mbed TLS incorrectly handled a race condition. An attacker could possibly use this issue to extract AES keys. (CVE-2025-52496) Linh Le and Ngan Nguyen discovered that Mbed TLS incorrectly handled certain invalid input. A remote attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2025-52497)

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - GPIO subsystem; - GPU drivers; - BTRFS file system; - XFRM subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - SMC sockets; (CVE-2021-47599, CVE-2022-48875, CVE-2022-49072, CVE-2024-49927, CVE-2024-56640, CVE-2025-21780, CVE-2025-40215)