2 weeks ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Netfilter;
- Network traffic control;
(CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997,
CVE-2025-37932)
2 weeks ago
It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could possibly use this issue to cause jq to
crash, resulting in a denial of service. (CVE-2024-23337)
It was discovered that jq incorrectly handled NaN values when parsing JSON
data. A remote attacker could possibly use this issue to cause jq to crash,
resulting in a denial of service. This issue only affected Ubuntu 24.04
LTS, and Ubuntu 25.04. (CVE-2024-53427)
It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could use this issue to cause jq to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2025-48060)
2 weeks ago
It was discovered that Erlang OTP’s SSH module incorrectly enforced strict
KEX handshake hardening measures. A remote attacker able to intercept
communications could possibly use this issue to insert optional messages
into connections during the handshake. (CVE-2025-46712)
It was discovered that Erlang OTP incorrectly handled ZIP archives. If a
user or automated system were tricked into opening a specially crafted ZIP
archive, a remote attacker could possibly use this issue to overwrite
arbitrary files outside of the intended directory. (CVE-2025-4748)
2 weeks ago
USN-6885-1 fixed vulnerabilities in Apache. This update provides
the corresponding updates for Ubuntu 14.04 LTS.
Original advisory details:
Orange Tsai discovered that the Apache HTTP Server mod_rewrite module
incorrectly handled certain substitutions. A remote attacker could
possibly use this issue to execute scripts in directories not directly
reachable by any URL, or cause a denial of service. Some environments
may require using the new UnsafeAllow3F flag to handle unsafe
substitutions. (CVE-2024-38474, CVE-2024-38475)
2 weeks 1 day ago
Version:next-20250721 (linux-next)
Released:2025-07-21
2 weeks 1 day ago
FEDORA-2025-deb3a02c42
Packages in this update:
Update description:
libinput 1.28.903 - fixes key events accidentally printed (and thus logged to the system log) if debug logs were enabled at the compositor level.
Only affects the recent 1.28.901 and 1.28.902 releases, mutter/wlroots are unaffected but kwin and Xorg may log depending on whether the user has
enabled debug logging (which is unlikely).
2 weeks 1 day ago
2 weeks 3 days ago
FEDORA-2025-ac4268959b
Packages in this update:
Update description:
Automatic update for grpcurl-1.9.3-1.fc43.
Changelog
* Fri Jul 18 2025 Mikel Olasagasti Uranga <
mikel@olasagasti.info> - 1.9.3-1
- Update to 1.9.3 - Closes rhbz#2351413 rhbz#2352295 rhbz#2348829
2 weeks 3 days ago
FEDORA-2025-a39532f9e1
Packages in this update:
- mingw-binutils-2.43.1-4.fc42
Update description:
Backport fixes for CVE-2025-7545 and CVE-2025-7546.
2 weeks 3 days ago
FEDORA-2025-200da46dc6
Packages in this update:
- mingw-binutils-2.42-3.fc41
Update description:
Backport fixes for CVE-2025-7545 and CVE-2025-7546.
2 weeks 3 days ago
Version:next-20250718 (linux-next)
Released:2025-07-18
2 weeks 3 days ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- Block layer subsystem;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- Network block device driver;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- FireWire subsystem;
- GPU drivers;
- HID subsystem;
- I3C subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- Media drivers;
- NVIDIA Tegra memory controller driver;
- Fastrpc Driver;
- Network drivers;
- Operating Performance Points (OPP) driver;
- PCI subsystem;
- x86 platform drivers;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- Remote Processor subsystem;
- Real Time Clock drivers;
- SCSI subsystem;
- QCOM SoC drivers;
- Media staging drivers;
- TTY drivers;
- UFS subsystem;
- USB Gadget drivers;
- USB Host Controller drivers;
- File systems infrastructure;
- BTRFS file system;
- F2FS file system;
- NILFS2 file system;
- SMB network file system;
- UBI file system;
- Timer subsystem;
- KVM subsystem;
- Networking core;
- ptr_ring data structure definitions;
- Networking subsytem;
- Amateur Radio drivers;
- XFRM subsystem;
- Tracing infrastructure;
- BPF subsystem;
- Padata parallel execution mechanism;
- printk logging mechanism;
- Memory management;
- Bluetooth subsystem;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- NFC subsystem;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- Landlock security;
- Linux Security Modules (LSM) Framework;
- Tomoyo security module;
- SoC audio core drivers;
(CVE-2024-57980, CVE-2024-57999, CVE-2025-21727, CVE-2024-58058,
CVE-2024-58052, CVE-2025-21739, CVE-2025-21722, CVE-2024-58072,
CVE-2025-21748, CVE-2024-57993, CVE-2024-58003, CVE-2024-58077,
CVE-2025-21734, CVE-2024-58070, CVE-2025-21719, CVE-2024-58006,
CVE-2025-21826, CVE-2024-58061, CVE-2025-21745, CVE-2025-21715,
CVE-2024-58078, CVE-2025-21829, CVE-2024-49887, CVE-2025-21742,
CVE-2025-21721, CVE-2025-21724, CVE-2025-21828, CVE-2025-21814,
CVE-2025-21801, CVE-2024-57953, CVE-2024-58081, CVE-2024-58080,
CVE-2025-21753, CVE-2025-21732, CVE-2025-21811, CVE-2025-37974,
CVE-2024-58068, CVE-2024-58010, CVE-2024-58011, CVE-2024-58085,
CVE-2025-21714, CVE-2025-21705, CVE-2025-21735, CVE-2024-58001,
CVE-2024-58082, CVE-2024-58055, CVE-2025-21743, CVE-2025-21716,
CVE-2024-57998, CVE-2025-21731, CVE-2024-58017, CVE-2024-58053,
CVE-2025-21808, CVE-2024-57997, CVE-2024-58016, CVE-2024-58076,
CVE-2025-21710, CVE-2025-21738, CVE-2025-21809, CVE-2025-21733,
CVE-2025-21810, CVE-2024-57996, CVE-2024-58005, CVE-2025-21720,
CVE-2025-21728, CVE-2024-58054, CVE-2024-58057, CVE-2025-21725,
CVE-2025-21812, CVE-2025-21830, CVE-2024-58014, CVE-2025-21832,
CVE-2024-58002, CVE-2025-21802, CVE-2024-57986, CVE-2025-21749,
CVE-2024-58018, CVE-2024-57984, CVE-2025-21736, CVE-2024-58079,
CVE-2024-58034, CVE-2024-57973, CVE-2024-57974, CVE-2025-21718,
CVE-2025-21723, CVE-2024-58019, CVE-2025-21820, CVE-2024-58013,
CVE-2025-21707, CVE-2024-58071, CVE-2025-21711, CVE-2024-58056,
CVE-2024-58007, CVE-2024-58051, CVE-2025-21815, CVE-2024-57982,
CVE-2025-21799, CVE-2025-21754, CVE-2025-21708, CVE-2025-21798,
CVE-2024-57979, CVE-2024-57981, CVE-2024-58069, CVE-2025-21744,
CVE-2025-21741, CVE-2024-58063, CVE-2024-58083, CVE-2024-57994,
CVE-2025-21804, CVE-2025-21825, CVE-2024-57990, CVE-2025-21726,
CVE-2025-21806, CVE-2024-57975, CVE-2025-21750, CVE-2025-21816,
CVE-2025-37750)
2 weeks 3 days ago
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux
Kernel contained an improper access control vulnerability. A nearby
attacker could use this to connect a rougue device and possibly execute
arbitrary code. (CVE-2024-8805)
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- Clock framework and drivers;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- MemoryStick subsystem;
- Multifunction device drivers;
- PCI Endpoint Test driver;
- MTD block device drivers;
- Network drivers;
- Mellanox network drivers;
- NTB driver;
- Device tree and open firmware driver;
- PCI subsystem;
- TI SCI PM domains driver;
- PWM drivers;
- Voltage and Current Regulator drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- QCOM SoC drivers;
- Samsung SoC drivers;
- TCM subsystem;
- Thermal drivers;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- Backlight driver;
- Framebuffer layer;
- Xen hypervisor drivers;
- BTRFS file system;
- Ext4 file system;
- F2FS file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NTFS3 file system;
- Proc file system;
- SMB network file system;
- Kernel stack handling interfaces;
- Bluetooth subsystem;
- IPv6 networking;
- Network traffic control;
- SCTP protocol;
- RDMA verbs API;
- SoC audio core drivers;
- BPF subsystem;
- Kernel command line parsing driver;
- Tracing infrastructure;
- Watch queue notification mechanism;
- Memory management;
- 802.1Q VLAN protocol;
- Asynchronous Transfer Mode (ATM) subsystem;
- Networking core;
- IPv4 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- Multipath TCP;
- Netfilter;
- Open vSwitch;
- Phonet protocol;
- SMC sockets;
- Sun RPC protocol;
- TIPC protocol;
- TLS protocol;
- SoC Audio for Freescale CPUs drivers;
- Virtio sound driver;
- CPU Power monitoring subsystem;
(CVE-2025-37989, CVE-2025-22071, CVE-2025-37808, CVE-2025-37983,
CVE-2025-38001, CVE-2024-46816, CVE-2024-50125, CVE-2025-38575,
CVE-2025-37766, CVE-2022-49168, CVE-2025-22025, CVE-2025-22035,
CVE-2025-37923, CVE-2024-49989, CVE-2025-23148, CVE-2024-53051,
CVE-2025-39728, CVE-2025-21956, CVE-2025-37741, CVE-2025-37970,
CVE-2025-37798, CVE-2025-23157, CVE-2025-38177, CVE-2022-49535,
CVE-2025-22027, CVE-2025-37756, CVE-2025-38023, CVE-2025-22066,
CVE-2025-37780, CVE-2025-37995, CVE-2025-37739, CVE-2025-37932,
CVE-2025-37982, CVE-2025-37812, CVE-2025-23156, CVE-2025-38005,
CVE-2025-21839, CVE-2025-37892, CVE-2025-22073, CVE-2024-35866,
CVE-2023-52757, CVE-2025-37785, CVE-2025-23150, CVE-2024-58093,
CVE-2025-21992, CVE-2025-37905, CVE-2025-37836, CVE-2025-21964,
CVE-2025-23140, CVE-2025-22056, CVE-2025-37915, CVE-2025-22054,
CVE-2025-37859, CVE-2025-22050, CVE-2025-37811, CVE-2024-38540,
CVE-2025-37794, CVE-2025-37839, CVE-2022-21546, CVE-2025-22089,
CVE-2025-22079, CVE-2024-56751, CVE-2025-37789, CVE-2025-37790,
CVE-2025-23159, CVE-2025-22097, CVE-2025-37883, CVE-2025-37829,
CVE-2023-52572, CVE-2025-21962, CVE-2025-37823, CVE-2024-53203,
CVE-2025-38000, CVE-2025-38152, CVE-2025-37771, CVE-2025-39735,
CVE-2025-37992, CVE-2025-37937, CVE-2025-22081, CVE-2024-35943,
CVE-2025-37803, CVE-2025-37940, CVE-2025-22005, CVE-2025-22014,
CVE-2025-37742, CVE-2022-49063, CVE-2025-37890, CVE-2025-37969,
CVE-2025-37788, CVE-2022-48893, CVE-2025-23161, CVE-2024-46753,
CVE-2025-21853, CVE-2025-37817, CVE-2022-49636, CVE-2025-37985,
CVE-2025-37787, CVE-2025-37810, CVE-2025-22008, CVE-2025-37824,
CVE-2025-37765, CVE-2025-23145, CVE-2025-37830, CVE-2025-37913,
CVE-2025-37881, CVE-2025-37967, CVE-2025-37912, CVE-2024-42230,
CVE-2024-46821, CVE-2024-56608, CVE-2025-37805, CVE-2025-37838,
CVE-2025-38637, CVE-2025-38024, CVE-2025-23138, CVE-2025-37949,
CVE-2024-46751, CVE-2025-22007, CVE-2025-37844, CVE-2024-46812,
CVE-2025-37889, CVE-2023-53034, CVE-2025-37927, CVE-2025-37998,
CVE-2024-42322, CVE-2024-50280, CVE-2025-22086, CVE-2025-21963,
CVE-2024-50272, CVE-2024-54458, CVE-2024-36908, CVE-2025-22062,
CVE-2025-37994, CVE-2025-22044, CVE-2025-22018, CVE-2025-22010,
CVE-2024-49960, CVE-2025-37768, CVE-2025-37911, CVE-2025-22060,
CVE-2025-37781, CVE-2024-26686, CVE-2024-50047, CVE-2025-37850,
CVE-2024-46742, CVE-2025-37797, CVE-2025-37767, CVE-2025-23136,
CVE-2025-23158, CVE-2025-37792, CVE-2025-37749, CVE-2025-38009,
CVE-2024-35867, CVE-2025-37885, CVE-2025-37914, CVE-2024-46774,
CVE-2025-38094, CVE-2025-23163, CVE-2024-38541, CVE-2025-37819,
CVE-2025-22020, CVE-2025-37857, CVE-2025-21975, CVE-2024-53144,
CVE-2025-21991, CVE-2025-37867, CVE-2025-37930, CVE-2025-37796,
CVE-2025-21968, CVE-2025-22075, CVE-2025-37997, CVE-2025-22063,
CVE-2025-37840, CVE-2025-37909, CVE-2025-22045, CVE-2024-46787,
CVE-2025-37738, CVE-2025-22055, CVE-2025-37862, CVE-2024-56664,
CVE-2025-21959, CVE-2025-22004, CVE-2024-50258, CVE-2025-23146,
CVE-2025-22021, CVE-2025-21994, CVE-2025-21957, CVE-2025-37758,
CVE-2024-26739, CVE-2025-37858, CVE-2025-37757, CVE-2025-23142,
CVE-2025-23151, CVE-2025-21996, CVE-2025-21970, CVE-2025-37770,
CVE-2024-35790, CVE-2025-37773, CVE-2025-37990, CVE-2025-21941,
CVE-2025-21999, CVE-2024-53128, CVE-2025-37851, CVE-2025-23147,
CVE-2025-37964, CVE-2025-37841, CVE-2025-37875, CVE-2024-53168,
CVE-2022-49728, CVE-2025-23144, CVE-2025-37991, CVE-2024-56551,
CVE-2025-21981, CVE-2024-27402, CVE-2025-37740, CVE-2024-36945)
2 weeks 3 days ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- PCI Endpoint Test driver;
- MTD block device drivers;
- Network drivers;
- Device tree and open firmware driver;
- PCI subsystem;
- TI SCI PM domains driver;
- PWM drivers;
- S/390 drivers;
- SCSI subsystem;
- Samsung SoC drivers;
- TCM subsystem;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- Backlight driver;
- Framebuffer layer;
- Xen hypervisor drivers;
- BTRFS file system;
- Ext4 file system;
- F2FS file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- Proc file system;
- SMB network file system;
- Kernel stack handling interfaces;
- Bluetooth subsystem;
- Network traffic control;
- SCTP protocol;
- BPF subsystem;
- Kernel command line parsing driver;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- Networking core;
- IPv6 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- Multipath TCP;
- Netfilter;
- Open vSwitch;
- Phonet protocol;
- TIPC protocol;
- TLS protocol;
- Virtio sound driver;
- CPU Power monitoring subsystem;
(CVE-2022-49535, CVE-2025-37773, CVE-2025-37982, CVE-2025-37990,
CVE-2025-37859, CVE-2025-37765, CVE-2025-37768, CVE-2025-23142,
CVE-2025-37911, CVE-2024-56751, CVE-2025-37767, CVE-2025-37940,
CVE-2024-50272, CVE-2025-37858, CVE-2025-38094, CVE-2025-37905,
CVE-2025-37994, CVE-2025-38024, CVE-2024-26686, CVE-2025-37992,
CVE-2025-37983, CVE-2025-23157, CVE-2025-37867, CVE-2025-37771,
CVE-2025-38005, CVE-2025-37989, CVE-2025-37991, CVE-2025-37796,
CVE-2025-23151, CVE-2025-37738, CVE-2025-37790, CVE-2023-52757,
CVE-2025-37949, CVE-2025-37969, CVE-2025-37823, CVE-2023-52572,
CVE-2025-37844, CVE-2024-46816, CVE-2025-37851, CVE-2024-53128,
CVE-2025-37927, CVE-2025-23147, CVE-2025-37930, CVE-2024-49989,
CVE-2022-49168, CVE-2025-37794, CVE-2025-37998, CVE-2025-37810,
CVE-2024-46751, CVE-2025-37995, CVE-2025-37742, CVE-2025-37883,
CVE-2024-46742, CVE-2024-54458, CVE-2025-37964, CVE-2025-38023,
CVE-2025-37780, CVE-2022-49063, CVE-2025-37740, CVE-2025-37915,
CVE-2025-37850, CVE-2025-37758, CVE-2025-23159, CVE-2024-50258,
CVE-2025-37811, CVE-2025-37885, CVE-2025-23158, CVE-2025-37787,
CVE-2025-37792, CVE-2025-23144, CVE-2025-37805, CVE-2025-21853,
CVE-2025-23145, CVE-2025-37803, CVE-2025-37739, CVE-2025-37749,
CVE-2025-37841, CVE-2022-21546, CVE-2025-37923, CVE-2025-22027,
CVE-2025-37836, CVE-2022-48893, CVE-2025-37797, CVE-2025-23161,
CVE-2024-50125, CVE-2025-37857, CVE-2025-23163, CVE-2024-49960,
CVE-2025-37808, CVE-2025-37766, CVE-2025-23140, CVE-2025-23150,
CVE-2025-22062, CVE-2025-23148, CVE-2025-37875, CVE-2025-37819,
CVE-2025-37817, CVE-2025-37824, CVE-2024-35867, CVE-2025-37781,
CVE-2024-35790, CVE-2025-21839, CVE-2025-37829, CVE-2025-37788,
CVE-2024-35943, CVE-2025-37892, CVE-2024-38540, CVE-2025-37830,
CVE-2025-37757, CVE-2025-37871, CVE-2024-26739, CVE-2024-27402,
CVE-2025-37756, CVE-2024-46774, CVE-2025-37914, CVE-2024-50280,
CVE-2025-37909, CVE-2025-37812, CVE-2024-53203, CVE-2025-37912,
CVE-2025-38009, CVE-2024-38541, CVE-2025-37881, CVE-2025-37838,
CVE-2024-35866, CVE-2025-37789, CVE-2025-37913, CVE-2025-37985,
CVE-2025-37970, CVE-2025-37840, CVE-2025-37770, CVE-2025-37862,
CVE-2025-23156, CVE-2025-37967, CVE-2025-37741, CVE-2024-36908,
CVE-2024-42322, CVE-2025-23146, CVE-2025-37839)
2 weeks 3 days ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- PCI Endpoint Test driver;
- MTD block device drivers;
- Network drivers;
- Device tree and open firmware driver;
- PCI subsystem;
- TI SCI PM domains driver;
- PWM drivers;
- S/390 drivers;
- SCSI subsystem;
- Samsung SoC drivers;
- TCM subsystem;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- Backlight driver;
- Framebuffer layer;
- Xen hypervisor drivers;
- BTRFS file system;
- Ext4 file system;
- F2FS file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- Proc file system;
- SMB network file system;
- Kernel stack handling interfaces;
- Bluetooth subsystem;
- Network traffic control;
- SCTP protocol;
- BPF subsystem;
- Kernel command line parsing driver;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- Networking core;
- IPv6 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- Multipath TCP;
- Netfilter;
- Open vSwitch;
- Phonet protocol;
- TIPC protocol;
- TLS protocol;
- Virtio sound driver;
- CPU Power monitoring subsystem;
(CVE-2025-38024, CVE-2025-37787, CVE-2025-37741, CVE-2024-53128,
CVE-2024-27402, CVE-2025-37794, CVE-2024-50280, CVE-2025-23146,
CVE-2025-37862, CVE-2025-23151, CVE-2025-38023, CVE-2025-37797,
CVE-2025-23140, CVE-2024-35866, CVE-2025-37940, CVE-2025-37738,
CVE-2025-37905, CVE-2025-37766, CVE-2024-53203, CVE-2024-50125,
CVE-2025-37995, CVE-2025-37949, CVE-2025-37915, CVE-2025-37839,
CVE-2025-37812, CVE-2025-37857, CVE-2024-38541, CVE-2025-38094,
CVE-2025-37789, CVE-2025-37867, CVE-2025-37770, CVE-2025-37927,
CVE-2025-22062, CVE-2025-37805, CVE-2025-37841, CVE-2025-37970,
CVE-2025-37913, CVE-2025-37859, CVE-2025-37830, CVE-2025-37780,
CVE-2025-37994, CVE-2025-37840, CVE-2025-37967, CVE-2025-21853,
CVE-2025-37790, CVE-2025-37914, CVE-2025-37982, CVE-2025-37808,
CVE-2025-37740, CVE-2025-37803, CVE-2025-22027, CVE-2025-37765,
CVE-2024-54458, CVE-2025-37912, CVE-2025-23161, CVE-2025-23159,
CVE-2025-37875, CVE-2024-46774, CVE-2025-37991, CVE-2025-21839,
CVE-2024-46751, CVE-2025-37998, CVE-2025-37810, CVE-2023-52757,
CVE-2025-37851, CVE-2025-37749, CVE-2025-37871, CVE-2025-37792,
CVE-2025-37757, CVE-2024-46816, CVE-2023-52572, CVE-2025-23150,
CVE-2025-37923, CVE-2025-37964, CVE-2025-37892, CVE-2025-37989,
CVE-2025-23142, CVE-2025-38009, CVE-2025-37767, CVE-2025-37911,
CVE-2024-35943, CVE-2025-37844, CVE-2025-23158, CVE-2025-37796,
CVE-2022-21546, CVE-2025-37829, CVE-2024-50272, CVE-2022-49063,
CVE-2025-37969, CVE-2024-26686, CVE-2024-49989, CVE-2024-56751,
CVE-2025-37742, CVE-2022-48893, CVE-2024-46742, CVE-2025-23157,
CVE-2025-37781, CVE-2024-50258, CVE-2025-23148, CVE-2025-37983,
CVE-2025-37771, CVE-2025-23144, CVE-2025-37858, CVE-2024-49960,
CVE-2025-23163, CVE-2025-37881, CVE-2025-37883, CVE-2025-37773,
CVE-2025-37836, CVE-2025-23156, CVE-2025-37885, CVE-2025-37811,
CVE-2025-37758, CVE-2025-23147, CVE-2025-37788, CVE-2022-49535,
CVE-2025-23145, CVE-2025-38005, CVE-2025-37930, CVE-2025-37990,
CVE-2025-37768, CVE-2025-37819, CVE-2025-37824, CVE-2025-37909,
CVE-2024-42322, CVE-2025-37850, CVE-2024-36908, CVE-2025-37838,
CVE-2025-37823, CVE-2024-35867, CVE-2025-37756, CVE-2025-37817,
CVE-2024-38540, CVE-2025-37992, CVE-2025-37739, CVE-2022-49168,
CVE-2025-37985, CVE-2024-35790, CVE-2024-26739)
2 weeks 3 days ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PA-RISC architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Serial ATA and Parallel ATA drivers;
- Bluetooth drivers;
- Bus devices;
- CPU frequency scaling framework;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- ARM SCMI message protocol;
- GPU drivers;
- HID subsystem;
- HSI subsystem;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- MCB driver;
- Multiple devices driver;
- Media drivers;
- Multifunction device drivers;
- PCI Endpoint Test driver;
- MTD block device drivers;
- Network drivers;
- Device tree and open firmware driver;
- PCI subsystem;
- TI SCI PM domains driver;
- PWM drivers;
- S/390 drivers;
- SCSI subsystem;
- Samsung SoC drivers;
- TCM subsystem;
- UFS subsystem;
- Cadence USB3 driver;
- ChipIdea USB driver;
- USB Device Class drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- Backlight driver;
- Framebuffer layer;
- Xen hypervisor drivers;
- BTRFS file system;
- Ext4 file system;
- F2FS file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- Proc file system;
- SMB network file system;
- Kernel stack handling interfaces;
- Bluetooth subsystem;
- Network traffic control;
- SCTP protocol;
- BPF subsystem;
- Kernel command line parsing driver;
- Tracing infrastructure;
- Memory management;
- 802.1Q VLAN protocol;
- Networking core;
- IPv6 networking;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- Multipath TCP;
- Netfilter;
- Open vSwitch;
- Phonet protocol;
- TIPC protocol;
- TLS protocol;
- Virtio sound driver;
- CPU Power monitoring subsystem;
(CVE-2025-37790, CVE-2025-37871, CVE-2025-23147, CVE-2025-37803,
CVE-2025-37909, CVE-2025-37840, CVE-2025-37989, CVE-2025-37927,
CVE-2024-50280, CVE-2024-50272, CVE-2025-37850, CVE-2024-35866,
CVE-2025-22027, CVE-2025-37812, CVE-2025-21853, CVE-2025-37810,
CVE-2025-37766, CVE-2024-54458, CVE-2022-21546, CVE-2025-37757,
CVE-2025-37839, CVE-2024-38540, CVE-2025-37990, CVE-2025-37794,
CVE-2024-53203, CVE-2025-37964, CVE-2025-37819, CVE-2024-50125,
CVE-2024-53128, CVE-2022-48893, CVE-2023-52572, CVE-2024-42322,
CVE-2024-35943, CVE-2025-37740, CVE-2025-37739, CVE-2025-37838,
CVE-2025-37995, CVE-2025-37789, CVE-2024-50258, CVE-2025-37970,
CVE-2025-38024, CVE-2025-23146, CVE-2025-37780, CVE-2022-49168,
CVE-2025-23145, CVE-2024-46774, CVE-2022-49063, CVE-2025-37742,
CVE-2025-37940, CVE-2025-37781, CVE-2025-37796, CVE-2025-23159,
CVE-2025-23144, CVE-2025-37875, CVE-2024-49989, CVE-2025-37867,
CVE-2025-37892, CVE-2025-37913, CVE-2024-38541, CVE-2025-37983,
CVE-2025-37923, CVE-2025-37836, CVE-2025-23151, CVE-2025-37765,
CVE-2025-37817, CVE-2025-37991, CVE-2025-38009, CVE-2025-37858,
CVE-2025-37841, CVE-2025-37771, CVE-2025-22062, CVE-2025-37912,
CVE-2025-23156, CVE-2022-49535, CVE-2025-37829, CVE-2025-37851,
CVE-2024-46816, CVE-2025-37998, CVE-2025-38023, CVE-2024-56751,
CVE-2025-37844, CVE-2025-37967, CVE-2025-37930, CVE-2025-37994,
CVE-2025-37805, CVE-2024-46742, CVE-2025-37883, CVE-2025-21839,
CVE-2025-37823, CVE-2025-23157, CVE-2025-37787, CVE-2025-38094,
CVE-2024-26686, CVE-2024-26739, CVE-2025-23142, CVE-2025-23163,
CVE-2025-37915, CVE-2025-37885, CVE-2024-27402, CVE-2025-37749,
CVE-2025-37738, CVE-2025-37905, CVE-2025-37773, CVE-2025-23140,
CVE-2025-37792, CVE-2025-37808, CVE-2024-49960, CVE-2025-37857,
CVE-2025-23158, CVE-2025-37824, CVE-2023-52757, CVE-2025-37767,
CVE-2025-37758, CVE-2025-37914, CVE-2025-23161, CVE-2025-37741,
CVE-2024-35867, CVE-2025-37911, CVE-2025-37859, CVE-2025-37830,
CVE-2025-37982, CVE-2024-46751, CVE-2025-37985, CVE-2025-37756,
CVE-2025-37768, CVE-2025-37811, CVE-2025-37992, CVE-2025-37862,
CVE-2025-38005, CVE-2024-36908, CVE-2025-23150, CVE-2025-37949,
CVE-2025-37788, CVE-2025-37881, CVE-2025-37770, CVE-2025-37797,
CVE-2025-23148, CVE-2024-35790, CVE-2025-37969)
2 weeks 4 days ago
FEDORA-2025-828bc3d3f5
Packages in this update:
- cef-138.0.25^chromium138.0.7204.157-1.fc42
Update description:
Update to cef-138.0.25+g251e1c1/chromium138.0.7204.157 (rhbz#2380429)
Update to cef-138.0.21+g54811fe (rhbz#2379500)
2 weeks 4 days ago
2 weeks 4 days ago
2 weeks 4 days ago
It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly verify the target namespace when handling
upcalls. An attacker could use this to expose sensitive information.
(CVE-2025-2312)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- PowerPC architecture;
- S390 architecture;
- Block layer subsystem;
- Serial ATA and Parallel ATA drivers;
- Drivers core;
- Network block device driver;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- FireWire subsystem;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I3C subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Media drivers;
- NVIDIA Tegra memory controller driver;
- Fastrpc Driver;
- Network drivers;
- Mellanox network drivers;
- Operating Performance Points (OPP) driver;
- PCI subsystem;
- x86 platform drivers;
- i.MX PM domains;
- PPS (Pulse Per Second) driver;
- PTP clock framework;
- Remote Processor subsystem;
- Real Time Clock drivers;
- SCSI subsystem;
- QCOM SoC drivers;
- Media staging drivers;
- TTY drivers;
- UFS subsystem;
- USB Gadget drivers;
- USB Host Controller drivers;
- USB Serial drivers;
- AFS file system;
- File systems infrastructure;
- BTRFS file system;
- F2FS file system;
- GFS2 file system;
- NILFS2 file system;
- File system notification infrastructure;
- Overlay file system;
- Proc file system;
- SMB network file system;
- UBI file system;
- Timer subsystem;
- KVM subsystem;
- Networking core;
- ptr_ring data structure definitions;
- Networking subsytem;
- Amateur Radio drivers;
- XFRM subsystem;
- Tracing infrastructure;
- BPF subsystem;
- Kernel CPU control infrastructure;
- Padata parallel execution mechanism;
- printk logging mechanism;
- Memory management;
- Bluetooth subsystem;
- DCCP (Datagram Congestion Control Protocol);
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- IEEE 802.15.4 subsystem;
- Multipath TCP;
- Netfilter;
- NFC subsystem;
- Open vSwitch;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- VMware vSockets driver;
- Landlock security;
- Linux Security Modules (LSM) Framework;
- Tomoyo security module;
- SoC audio core drivers;
(CVE-2025-21830, CVE-2025-21678, CVE-2025-21815, CVE-2024-57974,
CVE-2025-21725, CVE-2025-21718, CVE-2025-21748, CVE-2025-21732,
CVE-2024-57953, CVE-2025-21727, CVE-2025-21816, CVE-2025-21719,
CVE-2024-53124, CVE-2024-58019, CVE-2025-38001, CVE-2025-21720,
CVE-2025-21734, CVE-2025-21672, CVE-2025-21692, CVE-2024-58076,
CVE-2025-21694, CVE-2024-58061, CVE-2025-21714, CVE-2025-21689,
CVE-2024-49887, CVE-2024-57949, CVE-2025-38177, CVE-2025-21683,
CVE-2025-21669, CVE-2025-21722, CVE-2024-57980, CVE-2025-38000,
CVE-2025-37932, CVE-2024-58034, CVE-2024-58081, CVE-2025-21733,
CVE-2025-21682, CVE-2024-57924, CVE-2025-21743, CVE-2024-57975,
CVE-2025-37798, CVE-2024-58058, CVE-2025-21809, CVE-2025-21676,
CVE-2024-57993, CVE-2025-21699, CVE-2024-58016, CVE-2025-21832,
CVE-2025-21804, CVE-2024-58011, CVE-2024-58007, CVE-2025-21826,
CVE-2024-58055, CVE-2025-21668, CVE-2025-21715, CVE-2024-58078,
CVE-2025-21829, CVE-2025-21811, CVE-2025-21814, CVE-2024-58053,
CVE-2025-21726, CVE-2025-21943, CVE-2025-37750, CVE-2025-21673,
CVE-2024-57984, CVE-2025-37997, CVE-2025-21684, CVE-2025-21750,
CVE-2024-58013, CVE-2025-21799, CVE-2024-58083, CVE-2025-21798,
CVE-2025-21731, CVE-2025-21708, CVE-2024-57986, CVE-2025-21744,
CVE-2024-58014, CVE-2025-21721, CVE-2024-58063, CVE-2024-57979,
CVE-2024-58005, CVE-2025-21728, CVE-2025-21681, CVE-2025-21806,
CVE-2024-57982, CVE-2024-58002, CVE-2024-58082, CVE-2025-21812,
CVE-2025-21745, CVE-2024-58017, CVE-2025-21665, CVE-2025-21828,
CVE-2025-37890, CVE-2024-57952, CVE-2024-57997, CVE-2025-21825,
CVE-2025-21716, CVE-2024-57948, CVE-2025-21710, CVE-2025-21674,
CVE-2025-21675, CVE-2024-50157, CVE-2025-21738, CVE-2025-22088,
CVE-2024-58071, CVE-2024-58085, CVE-2025-21723, CVE-2025-21690,
CVE-2025-21670, CVE-2025-21741, CVE-2024-57999, CVE-2025-21691,
CVE-2024-58068, CVE-2024-58057, CVE-2024-57994, CVE-2024-58072,
CVE-2025-21742, CVE-2024-58006, CVE-2024-58077, CVE-2024-58003,
CVE-2025-21753, CVE-2024-57981, CVE-2024-57973, CVE-2024-58001,
CVE-2025-21666, CVE-2025-21810, CVE-2025-21808, CVE-2024-57996,
CVE-2024-58054, CVE-2024-57998, CVE-2025-21707, CVE-2025-21736,
CVE-2025-21820, CVE-2025-21739, CVE-2024-57951, CVE-2025-21667,
CVE-2024-58070, CVE-2025-21801, CVE-2024-58051, CVE-2024-58079,
CVE-2025-21754, CVE-2024-58069, CVE-2025-37974, CVE-2025-21802,
CVE-2025-21749, CVE-2024-57990, CVE-2024-58080, CVE-2025-21705,
CVE-2025-21697, CVE-2024-58052, CVE-2025-21711, CVE-2024-58056,
CVE-2025-21724, CVE-2024-58018, CVE-2025-21735, CVE-2024-58010,
CVE-2025-21680)
