Aggregator

USN-7893-1: Valkey vulnerabilities

1 week 1 day ago
Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Valkey incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Valkey server. (CVE-2025-49844)
It was discovered that Valkey incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger an integer overflow condition, and potentially achieve remote code execution on the Valkey server. (CVE-2025-46817)
It was discovered that Valkey incorrectly handled Lua objects. An authenticated attacker could possibly use this issue to escalate their privileges. (CVE-2025-46818)
It was discovered that Valkey incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to read out-of-bounds memory, causing a denial of service or possibly obtaining sensitive information. (CVE-2025-46819)
It was discovered that Valkey incorrectly handled memory in some calculations. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-49112)

USN-7891-1: rust-openssl vulnerabilities

1 week 1 day ago
Matt Mastracci discovered that rust-openssl was incorrectly handling server lifetimes in certain functions. An attacker could possibly use this issue to cause a denial of service or return arbitrary memory content to the client. (CVE-2025-24898)
It was discovered that rust-openssl was incorrectly handling empty strings when setting the host in certain functions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-53159)
It was discovered that rust-openssl was incorrectly handling property arguments in certain functions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2025-3416)

USN-7890-1: FFmpeg vulnerability

1 week 1 day ago
It was discovered that FFmpeg did not properly handle the parsing of certain malformed HLS playlists. If a user were tricked into opening a specially crafted HLS playlist, an attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service.

USN-7889-3: Linux kernel (Real-time) vulnerabilities

1 week 1 day ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • Media drivers
  • Network drivers
  • Netfilter
  • TLS protocol
(CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)

USN-7889-2: Linux kernel (FIPS) vulnerabilities

1 week 1 day ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • Media drivers
  • Network drivers
  • Netfilter
  • TLS protocol
(CVE-2025-21729, CVE-2025-38227, CVE-2025-38616, CVE-2025-38678)

USN-7879-3: Linux kernel vulnerabilities

1 week 1 day ago
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. (CVE-2024-36331)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • ARM64 architecture
  • PowerPC architecture
  • S390 architecture
  • x86 architecture
  • Network block device driver
  • Character device driver
  • Clock framework and drivers
  • Data acquisition framework and drivers
  • Hardware crypto device drivers
  • Device frequency scaling framework
  • DMA engine subsystem
  • EDAC drivers
  • GPU drivers
  • HID subsystem
  • Hardware monitoring drivers
  • I2C subsystem
  • IIO subsystem
  • IIO ADC drivers
  • InfiniBand drivers
  • Input Device core drivers
  • Multiple devices driver
  • Media drivers
  • Network drivers
  • Mellanox network drivers
  • PCI subsystem
  • PHY drivers
  • Pin controllers subsystem
  • x86 platform drivers
  • Power supply drivers
  • Powercap sysfs driver
  • Voltage and Current Regulator drivers
  • S/390 drivers
  • ASPEED SoC drivers
  • SPI subsystem
  • small TFT LCD display modules
  • Media staging drivers
  • USB Gadget drivers
  • vDPA drivers
  • VFIO drivers
  • Framebuffer layer
  • Xen hypervisor drivers
  • BTRFS file system
  • Ceph distributed file system
  • EFI Variable file system
  • File systems infrastructure
  • F2FS file system
  • GFS2 file system
  • Network file systems library
  • Network file system (NFS) client
  • Network file system (NFS) server daemon
  • NILFS2 file system
  • NTFS3 file system
  • Proc file system
  • SMB network file system
  • DRM display driver
  • io_uring subsystem
  • Internal shared memory driver
  • padata parallel execution mechanism
  • Networking subsystem
  • Bluetooth subsystem
  • Netfilter
  • UDP network protocol
  • Tracing infrastructure
  • BPF subsystem
  • Perf events
  • Padata parallel execution mechanism
  • Codetag library
  • KASAN memory debugging framework
  • Memory management
  • 802.1Q VLAN protocol
  • Appletalk network protocol
  • Asynchronous Transfer Mode (ATM) subsystem
  • Networking core
  • IPv4 networking
  • IPv6 networking
  • MAC80211 subsystem
  • Multipath TCP
  • Netlink
  • RxRPC session sockets
  • Network traffic control
  • SMC sockets
  • Sun RPC protocol
  • TIPC protocol
  • TLS protocol
  • VMware vSockets driver
  • Wireless networking
  • XFRM subsystem
  • ADI SoundPort AD1816A based soundcard drivers
  • MediaTek ASoC drivers
  • SOF drivers
  • USB sound devices
  • KVM subsystem
(CVE-2025-38335, CVE-2025-38349, CVE-2025-38351, CVE-2025-38437, CVE-2025-38438, CVE-2025-38439, CVE-2025-38440, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38446, CVE-2025-38448, CVE-2025-38449, CVE-2025-38450, CVE-2025-38451, CVE-2025-38452, CVE-2025-38453, CVE-2025-38454, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38475, CVE-2025-38476, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38484, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38492, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38501, CVE-2025-38503, CVE-2025-38505, CVE-2025-38506, CVE-2025-38507, CVE-2025-38508, CVE-2025-38509, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38517, CVE-2025-38520, CVE-2025-38521, CVE-2025-38524, CVE-2025-38525, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533,
CVE-2025-38534, CVE-2025-38535, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38545, CVE-2025-38546, CVE-2025-38547, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38555, CVE-2025-38556, CVE-2025-38557, CVE-2025-38558, CVE-2025-38559, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38563, CVE-2025-38565, CVE-2025-38566, CVE-2025-38567, CVE-2025-38568, CVE-2025-38569, CVE-2025-38570, CVE-2025-38571, CVE-2025-38572, CVE-2025-38573, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38584, CVE-2025-38585, CVE-2025-38586, CVE-2025-38587, CVE-2025-38588, CVE-2025-38589, CVE-2025-38590, CVE-2025-38593, CVE-2025-38595, CVE-2025-38601, CVE-2025-38602, CVE-2025-38604, CVE-2025-38605, CVE-2025-38606, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38612, CVE-2025-38615, CVE-2025-38616, CVE-2025-38619, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38628, CVE-2025-38629, CVE-2025-38630, CVE-2025-38631, CVE-2025-38632, CVE-2025-38634, CVE-2025-38635, CVE-2025-38639, CVE-2025-38640, CVE-2025-38642, CVE-2025-38643, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38648, CVE-2025-38649, CVE-2025-38650, CVE-2025-38652, CVE-2025-38653, CVE-2025-38654, CVE-2025-38655, CVE-2025-38659, CVE-2025-38660, CVE-2025-38662, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38666, CVE-2025-38668, CVE-2025-38670, CVE-2025-38671, CVE-2025-38675, CVE-2025-38678, CVE-2025-39725, CVE-2025-39726, CVE-2025-39727, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39734, CVE-2025-39809, CVE-2025-39818, CVE-2025-40157)

linux-firmware-20251125-1.fc43

1 week 1 day ago
FEDORA-2025-698dc1bbfa
Packages in this update:
  • linux-firmware-20251125-1.fc43
Update description:

Update to 20251125:

  • Revert "amdgpu: update GC 11.0.1 firmware"
  • QCA: Add Bluetooth firmware for WCN685x uart interface
  • qcom: Add ADSP firmware for qcs6490-thundercomm-rubikpi3
  • qcom: venus-5.4: update firmware binary for v5.4
  • qcom: venus-5.4: remove unused firmware file
  • iwlwifi: add Sc/Wh FW for core98-181 release
  • amdgpu: DMCUB updates for various ASICs
  • rtl_bt: Update RTL8852B BT USB FW to 0x42D3_4E04
  • ASoC: tas2781: Add more symbol links on SPI devices
  • amdgpu: update numerous firmware
  • amdgpu: add vce1 firmware
  • mediatek MT7922: update bluetooth firmware to 20251118163447
  • update firmware for MT7922 WiFi device
  • qcom: update ADSP, CDSP firmware for kaanapali platform, change the license
  • qcom: add ADSP, CDSP firmware for sm8750 platform
  • rtl_nic: add firmware rtl9151a-1
  • qcom: Update aic100 firmware files
  • mt76: add firmware for MT7990
  • mt76: update firmware for MT7992/MT7996
  • cirrus: cs35l57: Add firmware for a few Dell products
  • cirrus: cs42l45: Add firmware for Cirrus Logic CS42L45 SDCA codec
  • qcom: Add sdx35 Foxconn vendor firmware image file
  • Update AMD cpu microcode

linux-firmware-20251125-1.fc42

1 week 1 day ago
FEDORA-2025-a45a370014
Packages in this update:
  • linux-firmware-20251125-1.fc42
Update description:

Update to 20251125:

  • Revert "amdgpu: update GC 11.0.1 firmware"
  • QCA: Add Bluetooth firmware for WCN685x uart interface
  • qcom: Add ADSP firmware for qcs6490-thundercomm-rubikpi3
  • qcom: venus-5.4: update firmware binary for v5.4
  • qcom: venus-5.4: remove unused firmware file
  • iwlwifi: add Sc/Wh FW for core98-181 release
  • amdgpu: DMCUB updates for various ASICs
  • rtl_bt: Update RTL8852B BT USB FW to 0x42D3_4E04
  • ASoC: tas2781: Add more symbol links on SPI devices
  • amdgpu: update numerous firmware
  • amdgpu: add vce1 firmware
  • mediatek MT7922: update bluetooth firmware to 20251118163447
  • update firmware for MT7922 WiFi device
  • qcom: update ADSP, CDSP firmware for kaanapali platform, change the license
  • qcom: add ADSP, CDSP firmware for sm8750 platform
  • rtl_nic: add firmware rtl9151a-1
  • qcom: Update aic100 firmware files
  • mt76: add firmware for MT7990
  • mt76: update firmware for MT7992/MT7996
  • cirrus: cs35l57: Add firmware for a few Dell products
  • cirrus: cs42l45: Add firmware for Cirrus Logic CS42L45 SDCA codec
  • qcom: Add sdx35 Foxconn vendor firmware image file
  • Update AMD cpu microcode