Aggregator

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; (CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)

FEDORA-2025-19c65f1d15 Packages in this update:

• CuraEngine-5.4.0-10.fc43

Update description:

• Rebuilt with latest patched stb_image: memory-safety fixes

FEDORA-2025-fc872e9426 Packages in this update:

• CuraEngine-5.4.0-10.fc42

Update description:

• Rebuilt with latest patched stb_image: memory-safety fixes

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; (CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; - Network block device driver; - Character device driver; - Clock framework and drivers; - Data acquisition framework and drivers; - Hardware crypto device drivers; - Device frequency scaling framework; - DMA engine subsystem; - EDAC drivers; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO subsystem; - IIO ADC drivers; - InfiniBand drivers; - Input Device core drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Mellanox network drivers; - PCI subsystem; - PHY drivers; - Pin controllers subsystem; - x86 platform drivers; - Power supply drivers; - Powercap sysfs driver; - Voltage and Current Regulator drivers; - S/390 drivers; - ASPEED SoC drivers; - SPI subsystem; - small TFT LCD display modules; - Media staging drivers; - USB Gadget drivers; - vDPA drivers; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - File systems infrastructure; - F2FS file system; - GFS2 file system; - Network file systems library; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - NTFS3 file system; - Proc file system; - SMB network file system; - DRM display driver; - io_uring subsystem; - Internal shared memory driver; - padata parallel execution mechanism; - Networking subsytem; - Bluetooth subsystem; - Netfilter; - UDP network protocol; - Tracing infrastructure; - BPF subsystem; - Perf events; - Padata parallel execution mechanism; - Codetag library; - KASAN memory debugging framework; - Memory management; - 802.1Q VLAN protocol; - Appletalk network protocol; - Asynchronous Transfer Mode (ATM) subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netlink; - RxRPC session sockets; - Network traffic control; - SMC sockets; - Sun RPC protocol; - TIPC protocol; - TLS protocol; - VMware vSockets driver; - Wireless networking; - XFRM subsystem; - ADI SoundPort AD1816A based soundcard drivers; - MediaTek ASoC drivers; - SOF drivers; - USB sound devices; - KVM subsystem; (CVE-2025-38335, CVE-2025-38349, CVE-2025-38351, CVE-2025-38437, CVE-2025-38438, CVE-2025-38439, CVE-2025-38440, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38446, CVE-2025-38448, CVE-2025-38449, CVE-2025-38450, CVE-2025-38451, CVE-2025-38452, CVE-2025-38453, CVE-2025-38454, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38475, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38484, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38492, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38501, CVE-2025-38503, CVE-2025-38505, CVE-2025-38506, CVE-2025-38507, CVE-2025-38508, CVE-2025-38509, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38517, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38525, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38534, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38545, CVE-2025-38546, CVE-2025-38547, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38556, CVE-2025-38557, CVE-2025-38558, CVE-2025-38559, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38563, CVE-2025-38565, CVE-2025-38566, CVE-2025-38567, CVE-2025-38568, CVE-2025-38569, CVE-2025-38570, CVE-2025-38571, CVE-2025-38572, CVE-2025-38573, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38586, CVE-2025-38587, CVE-2025-38588, CVE-2025-38589, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38605, CVE-2025-38606, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38615, CVE-2025-38616, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38628, CVE-2025-38629, CVE-2025-38630, CVE-2025-38631, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38642, CVE-2025-38643, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38649, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38654, CVE-2025-38655, CVE-2025-38659, CVE-2025-38660, CVE-2025-38662, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38666, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38678, CVE-2025-39725, CVE-2025-39726, CVE-2025-39727, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39809, CVE-2025-39818, CVE-2025-40157)

FEDORA-EPEL-2025-e1a26dce63 Packages in this update:

• stb-0-0.55.20251025gitf1c79c0.el8

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

Version:next-20251126 (linux-next) Released:2025-11-26

FEDORA-2025-698dc1bbfa Packages in this update:

• linux-firmware-20251125-1.fc43

Update description:

Update to 20251125:

• Revert "amdgpu: update GC 11.0.1 firmware"
• QCA: Add Bluetooth firmware for WCN685x uart interface
• qcom: Add ADSP firmware for qcs6490-thundercomm-rubikpi3
• qcom: venus-5.4: update firmware binary for v5.4
• qcom: venus-5.4: remove unused firmware file
• iwlwifi: add Sc/Wh FW for core98-181 release
• amdgpu: DMCUB updates for various ASICs
• rtl_bt: Update RTL8852B BT USB FW to 0x42D3_4E04
• ASoC: tas2781: Add more symbol links on SPI devices
• amdgpu: update numerous firmware
• amdgpu: add vce1 firmware
• mediatek MT7922: update bluetooth firmware to 20251118163447
• update firmware for MT7922 WiFi device
• qcom: update ADSP, CDSP firmware for kaanapali platform, change the license
• qcom: add ADSP, CDSP firmware for sm8750 platform
• rtl_nic: add firmware rtl9151a-1
• qcom: Update aic100 firmware files
• mt76: add firmware for MT7990
• mt76: update firmware for MT7992/MT7996
• cirrus: cs35l57: Add firmware for a few Dell products
• cirrus: cs42l45: Add firmware for Cirrus Logic CS42L45 SDCA codec
• qcom: Add sdx35 Foxconn vendor firmware image file
• Update AMD cpu microcode

FEDORA-2025-a45a370014 Packages in this update:

• linux-firmware-20251125-1.fc42

Update description:

Update to 20251125:

• Revert "amdgpu: update GC 11.0.1 firmware"
• QCA: Add Bluetooth firmware for WCN685x uart interface
• qcom: Add ADSP firmware for qcs6490-thundercomm-rubikpi3
• qcom: venus-5.4: update firmware binary for v5.4
• qcom: venus-5.4: remove unused firmware file
• iwlwifi: add Sc/Wh FW for core98-181 release
• amdgpu: DMCUB updates for various ASICs
• rtl_bt: Update RTL8852B BT USB FW to 0x42D3_4E04
• ASoC: tas2781: Add more symbol links on SPI devices
• amdgpu: update numerous firmware
• amdgpu: add vce1 firmware
• mediatek MT7922: update bluetooth firmware to 20251118163447
• update firmware for MT7922 WiFi device
• qcom: update ADSP, CDSP firmware for kaanapali platform, change the license
• qcom: add ADSP, CDSP firmware for sm8750 platform
• rtl_nic: add firmware rtl9151a-1
• qcom: Update aic100 firmware files
• mt76: add firmware for MT7990
• mt76: update firmware for MT7992/MT7996
• cirrus: cs35l57: Add firmware for a few Dell products
• cirrus: cs42l45: Add firmware for Cirrus Logic CS42L45 SDCA codec
• qcom: Add sdx35 Foxconn vendor firmware image file
• Update AMD cpu microcode

FEDORA-EPEL-2025-a91b94e5c1 Packages in this update:

• stb-0^20251025gitf1c79c0-2.el9

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-073e4f7991 Packages in this update:

• usd-25.02a-3.fc42

Update description:

Rebuilt with stb_image patched for two new security bugs.

FEDORA-EPEL-2025-632b8c5a36 Packages in this update:

• stb-0^20251025gitf1c79c0-2.el10_1

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-66db1eaeb8 Packages in this update:

• usd-25.08-10.fc43

Update description:

Rebuilt with stb_image patched for two new security bugs.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - Network drivers; - Netfilter; - TLS protocol; (CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)

FEDORA-EPEL-2025-3c4c4e0490 Packages in this update:

• stb-0^20251025gitf1c79c0-2.el10_2

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; - Clock framework and drivers; - EDAC drivers; - GPU drivers; - IIO subsystem; - InfiniBand drivers; - Media drivers; - MemoryStick subsystem; - Network drivers; - NTB driver; - PCI subsystem; - Remote Processor subsystem; - Thermal drivers; - Virtio Host (VHOST) subsystem; - 9P distributed file system; - File systems infrastructure; - JFS file system; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - Memory management; - RDMA verbs API; - Kernel fork() syscall; - Tracing infrastructure; - Watch queue notification mechanism; - Asynchronous Transfer Mode (ATM) subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - Network traffic control; - SCTP protocol; - TLS protocol; - SoC Audio for Freescale CPUs drivers; (CVE-2023-53034, CVE-2024-58092, CVE-2025-22018, CVE-2025-22019, CVE-2025-22020, CVE-2025-22021, CVE-2025-22025, CVE-2025-22027, CVE-2025-22028, CVE-2025-22033, CVE-2025-22035, CVE-2025-22036, CVE-2025-22038, CVE-2025-22039, CVE-2025-22040, CVE-2025-22041, CVE-2025-22042, CVE-2025-22044, CVE-2025-22045, CVE-2025-22047, CVE-2025-22050, CVE-2025-22053, CVE-2025-22054, CVE-2025-22055, CVE-2025-22056, CVE-2025-22057, CVE-2025-22058, CVE-2025-22060, CVE-2025-22062, CVE-2025-22063, CVE-2025-22064, CVE-2025-22065, CVE-2025-22066, CVE-2025-22068, CVE-2025-22070, CVE-2025-22071, CVE-2025-22072, CVE-2025-22073, CVE-2025-22075, CVE-2025-22079, CVE-2025-22080, CVE-2025-22081, CVE-2025-22083, CVE-2025-22086, CVE-2025-22089, CVE-2025-22090, CVE-2025-22095, CVE-2025-22097, CVE-2025-23136, CVE-2025-23138, CVE-2025-37937, CVE-2025-38152, CVE-2025-38240, CVE-2025-38575, CVE-2025-38637, CVE-2025-39682, CVE-2025-39728, CVE-2025-39735, CVE-2025-40114, CVE-2025-40157)

FEDORA-2025-7ea43a29f2 Packages in this update:

• stb-0^20251025gitf1c79c0-2.fc42

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

FEDORA-2025-55bbd18c79 Packages in this update:

• stb-0^20251025gitf1c79c0-2.fc43

Update description:

Patch two newly-reported memory-safety bugs in stb_image:

• https://github.com/nothings/stb/issues/1860
• https://github.com/nothings/stb/issues/1861

Version:next-20251125 (linux-next) Released:2025-11-25