Aggregator

USN-7861-4: Linux kernel (AWS) vulnerabilities

2 hours 5 minutes ago
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • HSI subsystem
  • Bluetooth subsystem
  • Timer subsystem

(CVE-2025-37838, CVE-2025-38118, CVE-2025-38352)

USN-7875-1: Linux kernel (Oracle) vulnerabilities

2 hours 10 minutes ago
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • DMA engine subsystem
  • GPU drivers
  • HSI subsystem
  • Media drivers
  • Ethernet team driver
  • SPI subsystem
  • USB core drivers
  • Framebuffer layer
  • BTRFS file system
  • Ext4 file system
  • Network file system (NFS) server daemon
  • NILFS2 file system
  • Timer subsystem
  • DCCP (Datagram Congestion Control Protocol)
  • IPv6 networking
  • NET/ROM layer
  • Packet sockets
  • Network traffic control
  • SCTP protocol
  • VMware vSockets driver
  • USB sound devices

(CVE-2023-52477, CVE-2023-52574, CVE-2023-52650, CVE-2024-27074, CVE-2024-35849, CVE-2024-41006, CVE-2024-47685, CVE-2024-49924, CVE-2024-50006, CVE-2024-50051, CVE-2024-50202, CVE-2024-50299, CVE-2024-53124, CVE-2024-53130, CVE-2024-53131, CVE-2024-53150, CVE-2024-56767, CVE-2024-57996, CVE-2025-21796, CVE-2025-37752, CVE-2025-37785, CVE-2025-37838, CVE-2025-38350, CVE-2025-38352, CVE-2025-38477, CVE-2025-38617, CVE-2025-38618)

drupal7-7.103-1.fc43

2 hours 19 minutes ago

drupal7-7.103-1.fc42

2 hours 19 minutes ago

drupal7-7.103-1.fc41

2 hours 19 minutes ago

USN-7874-2: Linux kernel (FIPS) vulnerabilities

5 hours 44 minutes ago
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • HSI subsystem
  • I3C subsystem
  • SMB network file system
  • Padata parallel execution mechanism
  • Timer subsystem
  • Networking core

(CVE-2023-52854, CVE-2024-35867, CVE-2024-50061, CVE-2024-56664, CVE-2025-21727, CVE-2025-37838, CVE-2025-38352)

USN-7874-1: Linux kernel vulnerabilities

5 hours 54 minutes ago
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. (CVE-2025-40300)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • HSI subsystem
  • I3C subsystem
  • SMB network file system
  • Padata parallel execution mechanism
  • Timer subsystem
  • Networking core

(CVE-2023-52854, CVE-2024-35867, CVE-2024-50061, CVE-2024-56664, CVE-2025-21727, CVE-2025-37838, CVE-2025-38352)

xpdf-4.06-1.el8

6 hours 19 minutes ago
FEDORA-EPEL-2025-5b2095e2c2 Packages in this update:
  • xpdf-4.06-1.el8
Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

xpdf-4.06-1.el9

6 hours 19 minutes ago
FEDORA-EPEL-2025-9a55de96db Packages in this update:
  • xpdf-4.06-1.el9
Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

xpdf-4.06-1.fc42

7 hours 33 minutes ago
FEDORA-2025-e72c726192 Packages in this update:
  • xpdf-4.06-1.fc42
Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

xpdf-4.06-1.fc43

7 hours 33 minutes ago
FEDORA-2025-7c5b6a3bcb Packages in this update:
  • xpdf-4.06-1.fc43
Update description:

Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs:

CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900 CVE-2024-4141 CVE-2024-4568 CVE-2024-4976 CVE-2024-7866 CVE-2024-7867 CVE-2024-7868 CVE-2025-2574 CVE-2025-3154 CVE-2025-11896

python-kdcproxy-1.1.0-1.fc44

8 hours 32 minutes ago
FEDORA-2025-a6dd878882 Packages in this update:
  • python-kdcproxy-1.1.0-1.fc44
Update description:

Automatic update for python-kdcproxy-1.1.0-1.fc44.

Changelog

* Wed Nov 19 2025 Julien Rische <jrische@redhat.com> - 1.1.0-1
  • New upstream version (1.1.0)
  • Use DNS discovery for declared realms only (CVE-2025-59088) Resolves: rhbz#2415861
  • Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089) Resolves: rhbz#2415860
  • Stop using deprecated %py3_build/%py3_install macros Resolves: rhbz#2377837

python-kdcproxy-1.1.0-1.fc43

8 hours 40 minutes ago
FEDORA-2025-3f9b87b0e7 Packages in this update:
  • python-kdcproxy-1.1.0-1.fc43
Update description:
  • New upstream version (1.1.0)
  • Use DNS discovery for declared realms only (CVE-2025-59088)
  • Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)
  • Stop using deprecated %py3_build/%py3_install macros

python-kdcproxy-1.1.0-1.fc42

8 hours 42 minutes ago
FEDORA-2025-068c570cbf Packages in this update:
  • python-kdcproxy-1.1.0-1.fc42
Update description:
  • New upstream version (1.1.0)
  • Use DNS discovery for declared realms only (CVE-2025-59088)
  • Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)

python-kdcproxy-1.1.0-1.fc41

9 hours ago
FEDORA-2025-3075610004 Packages in this update:
  • python-kdcproxy-1.1.0-1.fc41
Update description:
  • New upstream version (1.1.0)
  • Use DNS discovery for declared realms only (CVE-2025-59088)
  • Fix DoS vulnerability based on unbounded TCP buffering (CVE-2025-59089)

openbao-2.4.3-2.fc41

1 day ago
FEDORA-2025-15c3d1dcfc Packages in this update:
  • openbao-2.4.3-2.fc41
Update description:

Rebuild to add hsm tag.

The fedora-41 build was done with golang-1.24.10 which fixed CVE-2025-58189, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.

openbao-2.4.3-2.fc43

1 day ago
FEDORA-2025-3e35532d2a Packages in this update:
  • openbao-2.4.3-2.fc43
Update description:

Rebuild to add hsm tag.

The fedora-43 build was done with golang-1.25.4 which fixed CVE-2025-58189, CVE-2025-58188, CVE-2025-61725, CVE-2025-61723, CVE-2025-58185, and CVE-2025-58183.