Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 115 articles for you...
203

Mageia 9 ruby-rack Critical Multiple Threats Security Update 2026-0226

Security update. Publication date: 18 Jun 2026 URL: https://advisories.mageia.org/MGASA-2026-0226.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-26961, CVE-2026-32762, CVE-2026-34230, CVE-2026-34763, CVE-2026-34785, CVE-2026-34786, CVE-2026-34826, CVE-2026-34827, CVE-2026-34829, CVE-2026-34830, CVE-2026-34831, CVE-2026-34835 Description: CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. `Forwarded` header semicolon injection enables `Host` and `Scheme` spoofing. CVE-2026-34230 Quadratic complexity in `Rack::Utils.select_best_encoding` via wildcard `Accept-Encoding` header. CVE-2026-34763 Root directory disclosure via unescaped regex interpolation in `Rack::Directory`. CVE-2026-34785 `Rack::Static` prefix matching can expose unintended files under the static root. CVE-2026-34786 `Rack::Static` `header_rules` bypass via URL-encoded path mismatch. CVE-2026-34826 Multipart byte range processing allows denial of service via excessive overlapping ranges. CVE-2026-34827 Multipart header parsing allows denial of service via escape-heavy quoted parameters. CVE-2026-34829 Multipart parsing without `Content-Length` header allows unbounded chunked file uploads. CVE-2026-34830 `Rack::Sendfile` header-based `X-Accel-Mapping` regex injection enables unauthorized `X-Accel-Redirect`. CVE-2026-34831 `Content-Length` mismatch in `Rack::Files` error responses. CVE-2026-34835 `Rack::Request` accepts invalid Host characters, enabling host allowlist bypass. References: - https://bugs.mageia.org/show_bug.cgi?id=35446 - https://github.com/rack/rack/security/advisories/GHSA-vgpv-f759-9wx3 - https://github.com/rack/rack/security/advisories/GHSA-qfgr-crr9-7r49 - https://github.com/rack/rack/security/advisories/GHSA-v569-hp3g-36wr - https://github.com/rack/rack/security/advisories/GHSA-7mqq-6cf9-v2qp - https://github.com/rack/rack/security/advisories/GHSA-h2jq-g4cq-5ppq -https://github.com/rack/rack/security/advisories/GHSA-q4qf-9j86-f5mh - https://github.com/rack/rack/security/advisories/GHSA-x8cg-fq8g-mxfx - https://github.com/rack/rack/security/advisories/GHSA-v6x5-cg8r-vv6x - https://github.com/rack/rack/security/advisories/GHSA-8vqr-qjwx-82mw - https://github.com/rack/rack/security/advisories/GHSA-qv7j-4883-hwh7 - https://github.com/rack/rack/security/advisories/GHSA-q2ww-5357-x388 - https://github.com/rack/rack/security/advisories/GHSA-g2pf-xv49-m2h5 - https://www.cve.org/CVERecord?id=CVE-2026-26961 - https://www.cve.org/CVERecord?id=CVE-2026-32762 - https://www.cve.org/CVERecord?id=CVE-2026-34230 - https://www.cve.org/CVERecord?id=CVE-2026-34763 - https://www.cve.org/CVERecord?id=CVE-2026-34785 - https://www.cve.org/CVERecord?id=CVE-2026-34786 - https://www.cve.org/CVERecord?id=CVE-2026-34826 - https://www.cve.org/CVERecord?id=CVE-2026-34827 - https://www.cve.org/CVERecord?id=CVE-2026-34829 - https://www.cve.org/CVERecord?id=CVE-2026-34830 - https://www.cve.org/CVERecord?id=CVE-2026-34831 - https://www.cve.org/CVERecord?id=CVE-2026-34835 SRPMS: - 9/core/ruby-rack-2.2.23-1.mga9 . Critical updates addressing multiple security issues in ruby-rack for Mageia 9, including Denial of Service risks and parsing errors.. Mageia security advisory, ruby-rack update, Denial of Service, CVE-2026 updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 18, 2026 Critical Mageia
202

openSUSE freerdp Moderate Multiple Threats Found 2026-10948-1

An update that solves 5 vulnerabilities can now be installed.. # freerdp-3.26.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:10948-1 Rating: moderate Cross-References: * CVE-2026-40033 * CVE-2026-44420 * CVE-2026-44421 * CVE-2026-44422 * CVE-2026-45700 CVSS scores: * CVE-2026-40033 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40033 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-44420 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44421 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-44422 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-45700 ( SUSE ): 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2026-45700 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Tumbleweed An update that solves 5 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the freerdp-3.26.0-3.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * freerdp 3.26.0-3.1 * freerdp-devel 3.26.0-3.1 * freerdp-proxy 3.26.0-3.1 * freerdp-proxy-plugins 3.26.0-3.1 * freerdp-sdl 3.26.0-3.1 * freerdp-server 3.26.0-3.1 * freerdp-wayland 3.26.0-3.1 * libfreerdp-server-proxy3-3 3.26.0-3.1 * libfreerdp3-3 3.26.0-3.1 * librdtk0-0 3.26.0-3.1 * libuwac0-0 3.26.0-3.1 * libwinpr3-3 3.26.0-3.1 * rdtk0-devel 3.26.0-3.1 * uwac0-devel 3.26.0-3.1 * winpr-devel 3.26.0-3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40033.html * https://www.suse.com/security/cve/CVE-2026-44420.html * https://www.suse.com/security/cve/CVE-2026-44421.html * https://www.suse.com/security/cve/CVE-2026-44422.html * https://www.suse.com/security/cve/CVE-2026-45700.html .Update for openSUSE adds security fixes to freerdp addressing multiple threats with moderate severity levels in system.. openSUSE, freerdp, security update, system vulnerabilities, moderate severity. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 07, 2026 moderate OpenSUSE
100

SUSE: binutils Important Security Fix 2025:21197-1, Multiple Threats

An update that solves 27 vulnerabilities and has one fix can now be installed.. # Security update for binutils Announcement ID: SUSE-SU-2025:21197-1 Release Date: 2025-12-10T09:59:09Z Rating: important References: * bsc#1236632 * bsc#1236976 * bsc#1236977 * bsc#1236978 * bsc#1236999 * bsc#1237000 * bsc#1237001 * bsc#1237003 * bsc#1237005 * bsc#1237018 * bsc#1237019 * bsc#1237020 * bsc#1237021 * bsc#1237042 * bsc#1240870 * bsc#1243756 * bsc#1243760 * bsc#1246481 * bsc#1246486 * bsc#1247105 * bsc#1247114 * bsc#1247117 * bsc#1250632 * bsc#1251275 * bsc#1251276 * bsc#1251277 * bsc#1251794 * bsc#1251795 Cross-References: * CVE-2025-0840 * CVE-2025-11083 * CVE-2025-11412 * CVE-2025-11413 * CVE-2025-11414 * CVE-2025-1147 * CVE-2025-1148 * CVE-2025-1149 * CVE-2025-11494 * CVE-2025-11495 * CVE-2025-1150 * CVE-2025-1151 * CVE-2025-1152 * CVE-2025-1153 * CVE-2025-1176 * CVE-2025-1178 * CVE-2025-1179 * CVE-2025-1180 * CVE-2025-1181 * CVE-2025-1182 * CVE-2025-3198 * CVE-2025-5244 * CVE-2025-5245 * CVE-2025-7545 * CVE-2025-7546 * CVE-2025-8224 * CVE-2025-8225 CVSS scores: * CVE-2025-0840 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-0840 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-0840 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-0840 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-0840 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-11083 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11083 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L *CVE-2025-11083 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11083 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-11083 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-11412 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11412 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-11412 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11412 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-11412 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11413 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11413 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-11413 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11413 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-11413 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11414 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11414 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-11414 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11414 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11414 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-1147 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-1147 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2025-1147 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1147 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1147 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-1148 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1148 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1148 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1148 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1148 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1149 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1149 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1149 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1149 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-11494 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11494 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-11494 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11494 ( NVD): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11494 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-11495 ( SUSE ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11495 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-11495 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-11495 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-11495 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-1150 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-1150 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1150 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1150 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1150 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1151 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1151 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1151 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1151 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1152 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1152 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1152 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1152 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1153 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1153 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1153 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1153 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1153 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-1176 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-1176 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1176 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1176 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1176 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1178 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1178 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1178 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1178 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-1179 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1179 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1179 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1179 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1179 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1180 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1180 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1180 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1180 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-1181 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1181 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2025-1181 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1181 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1182 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-1182 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-1182 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-1182 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-3198 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3198 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3198 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-3198 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-3198 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-5244 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-5244 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-5244 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-5244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-5245 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-5245 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-5245 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-5245 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-5245 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-7545 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-7545 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-7545 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-7545 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-7545 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-7546 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-7546 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H *CVE-2025-7546 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-7546 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-7546 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-8224 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8224 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8224 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8224 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8224 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-8225 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-8225 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-8225 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-8225 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Micro 6.2 An update that solves 27 vulnerabilities and has one fix can now be installed. ## Description: This update for binutils fixes the following issues: Changes in binutils: * Update to current 2.45 branch at 94cb1c075 to include fix for PR33584 (a problem related to LTO vs fortran COMMON blocks). * Do not enable '-z gcs=implicit' on aarch64 for old codestreams. Update to version 2.45: * New versioned release of libsframe.so.2 * s390: tools now support SFrame format 2; recognize "z17" as CPU name [bsc#1247105, jsc#IBM-1485] * sframe sections are now of ELF section type SHT_GNU_SFRAME. *sframe secions generated by the assembler have SFRAME_F_FDE_FUNC_START_PCREL set. * riscv: Support more extensions: standard: Zicfiss v1.0, Zicfilp v1.0, Zcmp v1.0, Zcmt v1.0, Smrnmi v1.0, S[sm]dbltrp v1.0, S[sm]ctr v1.0, ssqosid v1.0, ssnpm v1.0, smnpm v1.0, smmpm v1.0, sspm v1.0, supm v1.0, sha v1.0, zce v1.0, smcdeleg v1.0, ssccfg v1.0, svvptc v1.0, zilsd v1.0, zclsd v1.0, smrnmi v1.0; vendor: CORE-V, xcvbitmanip v1.0 and xcvsimd v1.0; SiFive, xsfvqmaccdod v1.0, xsfvqmaccqoqv1.0 and xsfvfnrclipxfqf v1.0; T-Head: xtheadvdot v1.0; MIPS: xmipscbop v1.0, xmipscmov v1.0, xmipsexectl v1.0, xmipslsp v1.0. * Support RISC-V privileged version 1.13, profiles 20/22/23, and .bfloat16 directive. * x86: Add support for these ISAs: Intel Diamond Rapids AMX, MOVRS, AVX10.2 (including SM4), MSR_IMM; Zhaoxin PadLock PHE2, RNG2, GMI, XMODX. Drop support for AVX10.2 256 bit rounding. * arm: Add support for most of Armv9.6, enabled by -march=armv9.6-a and extensions '+cmpbr', '+f8f16mm', '+f8f32mm', '+fprcvt', '+lsfe', '+lsui', '+occmo', '+pops', '+sme2p2', '+ssve-aes', '+sve-aes', '+sve-aes2', '+sve- bfscale', '+sve-f16f32mm' and '+sve2p2'. * Predefined symbols "GAS(version)" and, on non-release builds, "GAS(date)" are now being made available. * Add .errif and .warnif directives. * linker: * Add --image-base= option to the ELF linker to behave the same as -Ttext-segment for compatibility with LLD. * Add support for mixed LTO and non-LTO codes in relocatable output. * s390: linker generates .eh_frame and/or .sframe for linker generated .plt sections by default (can be disabled by --no-ld-generated-unwind-info). * riscv: add new PLT formats, and GNU property merge rules for zicfiss and zicfilp extensions. * gold is no longer included * Contains fixes for these non-CVEs (not security bugs per upstreams SECURITY.md): * bsc#1236632 aka CVE-2025-0840 aka PR32560 * bsc#1236977 aka CVE-2025-1149 aka PR32576 * bsc#1236978 akaCVE-2025-1148 aka PR32576 * bsc#1236999 aka CVE-2025-1176 aka PR32636 * bsc#1237000 aka CVE-2025-1153 aka PR32603 * bsc#1237001 aka CVE-2025-1152 aka PR32576 * bsc#1237003 aka CVE-2025-1151 aka PR32576 * bsc#1237005 aka CVE-2025-1150 aka PR32576 * bsc#1237018 aka CVE-2025-1178 aka PR32638 * bsc#1237019 aka CVE-2025-1181 aka PR32643 * bsc#1237020 aka CVE-2025-1180 aka PR32642 * bsc#1237021 aka CVE-2025-1179 aka PR32640 * bsc#1237042 aka CVE-2025-1182 aka PR32644 * bsc#1240870 aka CVE-2025-3198 aka PR32716 * bsc#1243756 aka CVE-2025-5244 aka PR32858 * bsc#1243760 aka CVE-2025-5245 aka PR32829 * bsc#1246481 aka CVE-2025-7545 aka PR33049 * bsc#1246486 aka CVE-2025-7546 aka PR33050 * bsc#1247114 aka CVE-2025-8224 aka PR32109 * bsc#1247117 aka CVE-2025-8225 no PR * bsc#1236976 aka CVE-2025-1147 aka PR32556 * bsc#1250632 aka CVE-2025-11083 aka PR33457 * bsc#1251275 aka CVE-2025-11412 aka PR33452 * bsc#1251276 aka CVE-2025-11413 aka PR33456 * bsc#1251277 aka CVE-2025-11414 aka PR33450 * bsc#1251794 aka CVE-2025-11494 aka PR33499 * bsc#1251795 aka CVE-2025-11495 aka PR33502 binutils-2.43-branch.diff.gz ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-98=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libctf0-2.45-160000.1.1 * binutils-2.45-160000.1.1 * binutils-debugsource-2.45-160000.1.1 * libctf-nobfd0-2.45-160000.1.1 * libctf0-debuginfo-2.45-160000.1.1 * libctf-nobfd0-debuginfo-2.45-160000.1.1 * binutils-debuginfo-2.45-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0840.html * https://www.suse.com/security/cve/CVE-2025-11083.html * https://www.suse.com/security/cve/CVE-2025-11412.html * https://www.suse.com/security/cve/CVE-2025-11413.html *https://www.suse.com/security/cve/CVE-2025-11414.html * https://www.suse.com/security/cve/CVE-2025-1147.html * https://www.suse.com/security/cve/CVE-2025-1148.html * https://www.suse.com/security/cve/CVE-2025-1149.html * https://www.suse.com/security/cve/CVE-2025-11494.html * https://www.suse.com/security/cve/CVE-2025-11495.html * https://www.suse.com/security/cve/CVE-2025-1150.html * https://www.suse.com/security/cve/CVE-2025-1151.html * https://www.suse.com/security/cve/CVE-2025-1152.html * https://www.suse.com/security/cve/CVE-2025-1153.html * https://www.suse.com/security/cve/CVE-2025-1176.html * https://www.suse.com/security/cve/CVE-2025-1178.html * https://www.suse.com/security/cve/CVE-2025-1179.html * https://www.suse.com/security/cve/CVE-2025-1180.html * https://www.suse.com/security/cve/CVE-2025-1181.html * https://www.suse.com/security/cve/CVE-2025-1182.html * https://www.suse.com/security/cve/CVE-2025-3198.html * https://www.suse.com/security/cve/CVE-2025-5244.html * https://www.suse.com/security/cve/CVE-2025-5245.html * https://www.suse.com/security/cve/CVE-2025-7545.html * https://www.suse.com/security/cve/CVE-2025-7546.html * https://www.suse.com/security/cve/CVE-2025-8224.html * https://www.suse.com/security/cve/CVE-2025-8225.html * https://bugzilla.suse.com/show_bug.cgi?id=1236632 * https://bugzilla.suse.com/show_bug.cgi?id=1236976 * https://bugzilla.suse.com/show_bug.cgi?id=1236977 * https://bugzilla.suse.com/show_bug.cgi?id=1236978 * https://bugzilla.suse.com/show_bug.cgi?id=1236999 * https://bugzilla.suse.com/show_bug.cgi?id=1237000 * https://bugzilla.suse.com/show_bug.cgi?id=1237001 * https://bugzilla.suse.com/show_bug.cgi?id=1237003 * https://bugzilla.suse.com/show_bug.cgi?id=1237005 * https://bugzilla.suse.com/show_bug.cgi?id=1237018 * https://bugzilla.suse.com/show_bug.cgi?id=1237019 * https://bugzilla.suse.com/show_bug.cgi?id=1237020 * https://bugzilla.suse.com/show_bug.cgi?id=1237021 *https://bugzilla.suse.com/show_bug.cgi?id=1237042 * https://bugzilla.suse.com/show_bug.cgi?id=1240870 * https://bugzilla.suse.com/show_bug.cgi?id=1243756 * https://bugzilla.suse.com/show_bug.cgi?id=1243760 * https://bugzilla.suse.com/show_bug.cgi?id=1246481 * https://bugzilla.suse.com/show_bug.cgi?id=1246486 * https://bugzilla.suse.com/show_bug.cgi?id=1247105 * https://bugzilla.suse.com/show_bug.cgi?id=1247114 * https://bugzilla.suse.com/show_bug.cgi?id=1247117 * https://bugzilla.suse.com/show_bug.cgi?id=1250632 * https://bugzilla.suse.com/show_bug.cgi?id=1251275 * https://bugzilla.suse.com/show_bug.cgi?id=1251276 * https://bugzilla.suse.com/show_bug.cgi?id=1251277 * https://bugzilla.suse.com/show_bug.cgi?id=1251794 * https://bugzilla.suse.com/show_bug.cgi?id=1251795 . SUSE Linux Micro 6.2 updates binutils solving 27 issues, ensuring important security enhancements and fixes.. SUSE Linux Micro 6.2, binutils security update, important security fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 15, 2025 Important SuSE
172

Ubuntu 24.04 LTS: Kernel Important Security Issues USN-7931-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7931-1 December 15, 2025 linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle, linux-oracle-6.8 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-lowlatency: Linux low latency kernel - linux-nvidia: Linux kernel for NVIDIA systems - linux-nvidia-lowlatency: Linux low latency kernel for NVIDIA systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-aws-6.8: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp-6.8: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe-6.8: Linux hardware enablement (HWE) kernel - linux-ibm-6.8: Linux kernel for IBM cloud systems - linux-lowlatency-hwe-6.8: Linux low latency kernel - linux-nvidia-6.8: Linux kernel for NVIDIA systems - linux-oracle-6.8: Linux kernel for Oracle Cloud systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Media drivers; - Memory management; - Appletalk network protocol; - Netfilter; (CVE-2025-37958, CVE-2025-38666,CVE-2025-39964, CVE-2025-39993, CVE-2025-40018) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-1028-gkeop 6.8.0-1028.31 linux-image-6.8.0-1041-gke 6.8.0-1041.46 linux-image-6.8.0-1041-gke-64k 6.8.0-1041.46 linux-image-6.8.0-1041-oracle 6.8.0-1041.42 linux-image-6.8.0-1041-oracle-64k 6.8.0-1041.42 linux-image-6.8.0-1042-ibm 6.8.0-1042.42 linux-image-6.8.0-1044-aws 6.8.0-1044.46 linux-image-6.8.0-1044-aws-64k 6.8.0-1044.46 linux-image-6.8.0-1044-nvidia 6.8.0-1044.47 linux-image-6.8.0-1044-nvidia-64k 6.8.0-1044.47 linux-image-6.8.0-1044-nvidia-lowlatency 6.8.0-1044.47.1 linux-image-6.8.0-1044-nvidia-lowlatency-64k 6.8.0-1044.47.1 linux-image-6.8.0-1045-gcp 6.8.0-1045.48 linux-image-6.8.0-1045-gcp-64k 6.8.0-1045.48 linux-image-6.8.0-90-generic 6.8.0-90.91 linux-image-6.8.0-90-generic-64k 6.8.0-90.91 linux-image-6.8.0-90-lowlatency 6.8.0-90.91.1 linux-image-6.8.0-90-lowlatency-64k 6.8.0-90.91.1 linux-image-aws-6.8 6.8.0-1044.46 linux-image-aws-64k-6.8 6.8.0-1044.46 linux-image-aws-64k-lts-24.04 6.8.0-1044.46 linux-image-aws-lts-24.04 6.8.0-1044.46 linux-image-gcp-6.8 6.8.0-1045.48 linux-image-gcp-64k-6.8 6.8.0-1045.48 linux-image-gcp-64k-lts-24.04 6.8.0-1045.48 linux-image-gcp-lts-24.04 6.8.0-1045.48 linux-image-generic 6.8.0-90.91 linux-image-generic-6.8 6.8.0-90.91 linux-image-generic-64k 6.8.0-90.91 linux-image-generic-64k-6.8 6.8.0-90.91 linux-image-generic-lpae 6.8.0-90.91 linux-image-gke 6.8.0-1041.46 linux-image-gke-6.8 6.8.0-1041.46 linux-image-gke-64k 6.8.0-1041.46 linux-image-gke-64k-6.8 6.8.0-1041.46 linux-image-gkeop 6.8.0-1028.31 linux-image-gkeop-6.8 6.8.0-1028.31 linux-image-ibm 6.8.0-1042.42 linux-image-ibm-6.8 6.8.0-1042.42 linux-image-ibm-classic 6.8.0-1042.42 linux-image-ibm-lts-24.04 6.8.0-1042.42 linux-image-intel-iotg 6.8.0-90.91 linux-image-kvm 6.8.0-90.91 linux-image-lowlatency 6.8.0-90.91.1 linux-image-lowlatency-6.8 6.8.0-90.91.1 linux-image-lowlatency-64k 6.8.0-90.91.1 linux-image-lowlatency-64k-6.8 6.8.0-90.91.1 linux-image-nvidia 6.8.0-1044.47 linux-image-nvidia-6.8 6.8.0-1044.47 linux-image-nvidia-64k 6.8.0-1044.47 linux-image-nvidia-64k-6.8 6.8.0-1044.47 linux-image-nvidia-lowlatency 6.8.0-1044.47.1 linux-image-nvidia-lowlatency-6.8 6.8.0-1044.47.1 linux-image-nvidia-lowlatency-64k 6.8.0-1044.47.1 linux-image-nvidia-lowlatency-64k-6.8 6.8.0-1044.47.1 linux-image-oracle-6.8 6.8.0-1041.42 linux-image-oracle-64k-6.8 6.8.0-1041.42 linux-image-oracle-64k-lts-24.04 6.8.0-1041.42 linux-image-oracle-lts-24.04 6.8.0-1041.42 linux-image-virtual 6.8.0-90.91 linux-image-virtual-6.8 6.8.0-90.91 Ubuntu 22.04 LTS linux-image-6.8.0-1041-oracle 6.8.0-1041.42~22.04.1 linux-image-6.8.0-1041-oracle-64k 6.8.0-1041.42~22.04.1 linux-image-6.8.0-1042-ibm 6.8.0-1042.42~22.04.1 linux-image-6.8.0-1044-aws 6.8.0-1044.46~22.04.1 linux-image-6.8.0-1044-aws-64k 6.8.0-1044.46~22.04.1 linux-image-6.8.0-1044-nvidia 6.8.0-1044.47~22.04.1 linux-image-6.8.0-1044-nvidia-64k 6.8.0-1044.47~22.04.1 linux-image-6.8.0-1045-gcp 6.8.0-1045.48~22.04.1 linux-image-6.8.0-1045-gcp-64k 6.8.0-1045.48~22.04.1 linux-image-6.8.0-90-generic 6.8.0-90.91~22.04.1 linux-image-6.8.0-90-generic-64k 6.8.0-90.91~22.04.1 linux-image-6.8.0-90-lowlatency 6.8.0-90.91.1~22.04.1 linux-image-6.8.0-90-lowlatency-64k 6.8.0-90.91.1~22.04.1 linux-image-aws 6.8.0-1044.46~22.04.1 linux-image-aws-6.8 6.8.0-1044.46~22.04.1 linux-image-aws-64k 6.8.0-1044.46~22.04.1 linux-image-aws-64k-6.8 6.8.0-1044.46~22.04.1 linux-image-gcp 6.8.0-1045.48~22.04.1 linux-image-gcp-6.8 6.8.0-1045.48~22.04.1 linux-image-gcp-64k 6.8.0-1045.48~22.04.1 linux-image-gcp-64k-6.8 6.8.0-1045.48~22.04.1 linux-image-generic-6.8 6.8.0-90.91~22.04.1 linux-image-generic-64k-6.8 6.8.0-90.91~22.04.1 linux-image-generic-64k-hwe-22.04 6.8.0-90.91~22.04.1 linux-image-generic-hwe-22.04 6.8.0-90.91~22.04.1 linux-image-ibm-6.8 6.8.0-1042.42~22.04.1 linux-image-lowlatency-6.8 6.8.0-90.91.1~22.04.1 linux-image-lowlatency-64k-6.8 6.8.0-90.91.1~22.04.1 linux-image-lowlatency-64k-hwe-22.04 6.8.0-90.91.1~22.04.1 linux-image-lowlatency-hwe-22.04 6.8.0-90.91.1~22.04.1 linux-image-nvidia-6.8 6.8.0-1044.47~22.04.1 linux-image-nvidia-64k-6.8 6.8.0-1044.47~22.04.1 linux-image-nvidia-64k-hwe-22.04 6.8.0-1044.47~22.04.1 linux-image-nvidia-hwe-22.04 6.8.0-1044.47~22.04.1 linux-image-oem-22.04 6.8.0-90.91~22.04.1 linux-image-oem-22.04a 6.8.0-90.91~22.04.1 linux-image-oem-22.04b 6.8.0-90.91~22.04.1 linux-image-oem-22.04c 6.8.0-90.91~22.04.1 linux-image-oem-22.04d 6.8.0-90.91~22.04.1 linux-image-oracle 6.8.0-1041.42~22.04.1 linux-image-oracle-6.8 6.8.0-1041.42~22.04.1 linux-image-oracle-64k 6.8.0-1041.42~22.04.1 linux-image-oracle-64k-6.8 6.8.0-1041.42~22.04.1 linux-image-virtual-6.8 6.8.0-90.91~22.04.1 linux-image-virtual-hwe-22.04 6.8.0-90.91~22.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standardkernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7931-1 CVE-2025-37958, CVE-2025-38666, CVE-2025-39964, CVE-2025-39993, CVE-2025-40018 Package Information: https://launchpad.net/ubuntu/+source/linux/6.8.0-90.91 https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1044.46 https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1045.48 https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1041.46 https://launchpad.net/ubuntu/+source/linux-gkeop/6.8.0-1028.31 https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1042.42 https://launchpad.net/ubuntu/+source/linux-lowlatency/6.8.0-90.91.1 https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1044.47 https://launchpad.net/ubuntu/+source/linux-nvidia-lowlatency/6.8.0-1044.47.1 https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1041.42 https://launchpad.net/ubuntu/+source/linux-aws-6.8/6.8.0-1044.46~22.04.1 https://launchpad.net/ubuntu/+source/linux-gcp-6.8/6.8.0-1045.48~22.04.1 https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-90.91~22.04.1 https://launchpad.net/ubuntu/+source/linux-ibm-6.8/6.8.0-1042.42~22.04.1 https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.8/6.8.0-90.91.1~22.04.1 https://launchpad.net/ubuntu/+source/linux-nvidia-6.8/6.8.0-1044.47~22.04.1 https://launchpad.net/ubuntu/+source/linux-oracle-6.8/6.8.0-1041.42~22.04.1 . Essential kernel security updates for Ubuntu resolve several important issues. Ensure your systems are patched promptly.. Ubuntu kernel security patch, Linux kernel update, Ubuntu system security, important kernel vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 15, 2025 Important Ubuntu
203

Mageia 9: Kernel-Linus Critical Security Issues 2025-0218

Vanilla upstream kernel version 6.6.101 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References: - https://bugs.mageia.org/show_bug.cgi?id=34530 . MGASA-2025-0218 - Updated kernel-linus packages fix security vulnerabilities Publication date: 11 Aug 2025 URL: https://advisories.mageia.org/MGASA-2025-0218.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-38083, CVE-2025-38084, CVE-2025-38085, CVE-2025-38086, CVE-2025-38087, CVE-2025-38088, CVE-2025-38089, CVE-2025-38090, CVE-2025-38100, CVE-2025-38102, CVE-2025-38103, CVE-2025-38107, CVE-2025-38108, CVE-2025-38109, CVE-2025-38110, CVE-2025-38111, CVE-2025-38112, CVE-2025-38113, CVE-2025-38115, CVE-2025-38117, CVE-2025-38118, CVE-2025-38119, CVE-2025-38120, CVE-2025-38122, CVE-2025-38123, CVE-2025-38124, CVE-2025-38126, CVE-2025-38127, CVE-2025-38131, CVE-2025-38135, CVE-2025-38136, CVE-2025-38138, CVE-2025-38142, CVE-2025-38143, CVE-2025-38145, CVE-2025-38146, CVE-2025-38147, CVE-2025-38148, CVE-2025-38149, CVE-2025-38151, CVE-2025-38153, CVE-2025-38154, CVE-2025-38155, CVE-2025-38157, CVE-2025-38158, CVE-2025-38159, CVE-2025-38160, CVE-2025-38161, CVE-2025-38163, CVE-2025-38165, CVE-2025-38166, CVE-2025-38167, CVE-2025-38170, CVE-2025-38173, CVE-2025-38174, CVE-2025-38180, CVE-2025-38181, CVE-2025-38182, CVE-2025-38183, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38191, CVE-2025-38192, CVE-2025-38193, CVE-2025-38194, CVE-2025-38195, CVE-2025-38197, CVE-2025-38198, CVE-2025-38200, CVE-2025-38202, CVE-2025-38208, CVE-2025-38211, CVE-2025-38212, CVE-2025-38213, CVE-2025-38214, CVE-2025-38215, CVE-2025-38217, CVE-2025-38218, CVE-2025-38219, CVE-2025-38220, CVE-2025-38222, CVE-2025-38225, CVE-2025-38226, CVE-2025-38227, CVE-2025-38229, CVE-2025-38231, CVE-2025-38236, CVE-2025-38239, CVE-2025-38244, CVE-2025-38245, CVE-2025-38249, CVE-2025-38251, CVE-2025-38255, CVE-2025-38257, CVE-2025-38258, CVE-2025-38259, CVE-2025-38260, CVE-2025-38262, CVE-2025-38263, CVE-2025-38265, CVE-2025-38273, CVE-2025-38274, CVE-2025-38275, CVE-2025-38277, CVE-2025-38278, CVE-2025-38280, CVE-2025-38282, CVE-2025-38283, CVE-2025-38285, CVE-2025-38286, CVE-2025-38290, CVE-2025-38293, CVE-2025-38295, CVE-2025-38298, CVE-2025-38300, CVE-2025-38304, CVE-2025-38305, CVE-2025-38307, CVE-2025-38310, CVE-2025-38312, CVE-2025-38313, CVE-2025-38319, CVE-2025-38320, CVE-2025-38321, CVE-2025-38323, CVE-2025-38324, CVE-2025-38326, CVE-2025-38328, CVE-2025-38331, CVE-2025-38332, CVE-2025-38334, CVE-2025-38336, CVE-2025-38337, CVE-2025-38338, CVE-2025-38342, CVE-2025-38343, CVE-2025-38344, CVE-2025-38345, CVE-2025-38346, CVE-2025-38347, CVE-2025-38348, CVE-2025-38349, CVE-2025-38350, CVE-2025-38352, CVE-2025-38354, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38368, CVE-2025-38369, CVE-2025-38371, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38379, CVE-2025-38380, CVE-2025-38382, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38389, CVE-2025-38391, CVE-2025-38393, CVE-2025-38395, CVE-2025-38396, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38403, CVE-2025-38404, CVE-2025-38406, CVE-2025-38409, CVE-2025-38410, CVE-2025-38412, CVE-2025-38415, CVE-2025-38416, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38422, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38436, CVE-2025-38437, CVE-2025-38439, CVE-2025-38441, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38448, CVE-2025-38449, CVE-2025-38451, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38476, CVE-2025-38477, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38485, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38498 Vanilla upstream kernel version 6.6.101 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References: - https://bugs.mageia.org/show_bug.cgi?id=34530 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.94 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.95 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.96 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.97 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.98 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.99 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.100 - https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.101 -https://www.cve.org/CVERecord?id=CVE-2025-38083 - https://www.cve.org/CVERecord?id=CVE-2025-38084 - https://www.cve.org/CVERecord?id=CVE-2025-38085 - https://www.cve.org/CVERecord?id=CVE-2025-38086 - https://www.cve.org/CVERecord?id=CVE-2025-38087 - https://www.cve.org/CVERecord?id=CVE-2025-38088 - https://www.cve.org/CVERecord?id=CVE-2025-38089 - https://www.cve.org/CVERecord?id=CVE-2025-38090 - https://www.cve.org/CVERecord?id=CVE-2025-38100 - https://www.cve.org/CVERecord?id=CVE-2025-38102 - https://www.cve.org/CVERecord?id=CVE-2025-38103 - https://www.cve.org/CVERecord?id=CVE-2025-38107 - https://www.cve.org/CVERecord?id=CVE-2025-38108 - https://www.cve.org/CVERecord?id=CVE-2025-38109 - https://www.cve.org/CVERecord?id=CVE-2025-38110 - https://www.cve.org/CVERecord?id=CVE-2025-38111 - https://www.cve.org/CVERecord?id=CVE-2025-38112 - https://www.cve.org/CVERecord?id=CVE-2025-38113 - https://www.cve.org/CVERecord?id=CVE-2025-38115 - https://www.cve.org/CVERecord?id=CVE-2025-38117 - https://www.cve.org/CVERecord?id=CVE-2025-38118 - https://www.cve.org/CVERecord?id=CVE-2025-38119 - https://www.cve.org/CVERecord?id=CVE-2025-38120 - https://www.cve.org/CVERecord?id=CVE-2025-38122 - https://www.cve.org/CVERecord?id=CVE-2025-38123 - https://www.cve.org/CVERecord?id=CVE-2025-38124 - https://www.cve.org/CVERecord?id=CVE-2025-38126 - https://www.cve.org/CVERecord?id=CVE-2025-38127 - https://www.cve.org/CVERecord?id=CVE-2025-38131 - https://www.cve.org/CVERecord?id=CVE-2025-38135 - https://www.cve.org/CVERecord?id=CVE-2025-38136 - https://www.cve.org/CVERecord?id=CVE-2025-38138 - https://www.cve.org/CVERecord?id=CVE-2025-38142 - https://www.cve.org/CVERecord?id=CVE-2025-38143 - https://www.cve.org/CVERecord?id=CVE-2025-38145 - https://www.cve.org/CVERecord?id=CVE-2025-38146 - https://www.cve.org/CVERecord?id=CVE-2025-38147 - https://www.cve.org/CVERecord?id=CVE-2025-38148 - https://www.cve.org/CVERecord?id=CVE-2025-38149 - https://www.cve.org/CVERecord?id=CVE-2025-38151 -https://www.cve.org/CVERecord?id=CVE-2025-38153 - https://www.cve.org/CVERecord?id=CVE-2025-38154 - https://www.cve.org/CVERecord?id=CVE-2025-38155 - https://www.cve.org/CVERecord?id=CVE-2025-38157 - https://www.cve.org/CVERecord?id=CVE-2025-38158 - https://www.cve.org/CVERecord?id=CVE-2025-38159 - https://www.cve.org/CVERecord?id=CVE-2025-38160 - https://www.cve.org/CVERecord?id=CVE-2025-38161 - https://www.cve.org/CVERecord?id=CVE-2025-38163 - https://www.cve.org/CVERecord?id=CVE-2025-38165 - https://www.cve.org/CVERecord?id=CVE-2025-38166 - https://www.cve.org/CVERecord?id=CVE-2025-38167 - https://www.cve.org/CVERecord?id=CVE-2025-38170 - https://www.cve.org/CVERecord?id=CVE-2025-38173 - https://www.cve.org/CVERecord?id=CVE-2025-38174 - https://www.cve.org/CVERecord?id=CVE-2025-38180 - https://www.cve.org/CVERecord?id=CVE-2025-38181 - https://www.cve.org/CVERecord?id=CVE-2025-38182 - https://www.cve.org/CVERecord?id=CVE-2025-38183 - https://www.cve.org/CVERecord?id=CVE-2025-38184 - https://www.cve.org/CVERecord?id=CVE-2025-38185 - https://www.cve.org/CVERecord?id=CVE-2025-38190 - https://www.cve.org/CVERecord?id=CVE-2025-38191 - https://www.cve.org/CVERecord?id=CVE-2025-38192 - https://www.cve.org/CVERecord?id=CVE-2025-38193 - https://www.cve.org/CVERecord?id=CVE-2025-38194 - https://www.cve.org/CVERecord?id=CVE-2025-38195 - https://www.cve.org/CVERecord?id=CVE-2025-38197 - https://www.cve.org/CVERecord?id=CVE-2025-38198 - https://www.cve.org/CVERecord?id=CVE-2025-38200 - https://www.cve.org/CVERecord?id=CVE-2025-38202 - https://www.cve.org/CVERecord?id=CVE-2025-38208 - https://www.cve.org/CVERecord?id=CVE-2025-38211 - https://www.cve.org/CVERecord?id=CVE-2025-38212 - https://www.cve.org/CVERecord?id=CVE-2025-38213 - https://www.cve.org/CVERecord?id=CVE-2025-38214 - https://www.cve.org/CVERecord?id=CVE-2025-38215 - https://www.cve.org/CVERecord?id=CVE-2025-38217 - https://www.cve.org/CVERecord?id=CVE-2025-38218 - https://www.cve.org/CVERecord?id=CVE-2025-38219 -https://www.cve.org/CVERecord?id=CVE-2025-38220 - https://www.cve.org/CVERecord?id=CVE-2025-38222 - https://www.cve.org/CVERecord?id=CVE-2025-38225 - https://www.cve.org/CVERecord?id=CVE-2025-38226 - https://www.cve.org/CVERecord?id=CVE-2025-38227 - https://www.cve.org/CVERecord?id=CVE-2025-38229 - https://www.cve.org/CVERecord?id=CVE-2025-38231 - https://www.cve.org/CVERecord?id=CVE-2025-38236 - https://www.cve.org/CVERecord?id=CVE-2025-38239 - https://www.cve.org/CVERecord?id=CVE-2025-38244 - https://www.cve.org/CVERecord?id=CVE-2025-38245 - https://www.cve.org/CVERecord?id=CVE-2025-38249 - https://www.cve.org/CVERecord?id=CVE-2025-38251 - https://www.cve.org/CVERecord?id=CVE-2025-38255 - https://www.cve.org/CVERecord?id=CVE-2025-38257 - https://www.cve.org/CVERecord?id=CVE-2025-38258 - https://www.cve.org/CVERecord?id=CVE-2025-38259 - https://www.cve.org/CVERecord?id=CVE-2025-38260 - https://www.cve.org/CVERecord?id=CVE-2025-38262 - https://www.cve.org/CVERecord?id=CVE-2025-38263 - https://www.cve.org/CVERecord?id=CVE-2025-38265 - https://www.cve.org/CVERecord?id=CVE-2025-38273 - https://www.cve.org/CVERecord?id=CVE-2025-38274 - https://www.cve.org/CVERecord?id=CVE-2025-38275 - https://www.cve.org/CVERecord?id=CVE-2025-38277 - https://www.cve.org/CVERecord?id=CVE-2025-38278 - https://www.cve.org/CVERecord?id=CVE-2025-38280 - https://www.cve.org/CVERecord?id=CVE-2025-38282 - https://www.cve.org/CVERecord?id=CVE-2025-38283 - https://www.cve.org/CVERecord?id=CVE-2025-38285 - https://www.cve.org/CVERecord?id=CVE-2025-38286 - https://www.cve.org/CVERecord?id=CVE-2025-38290 - https://www.cve.org/CVERecord?id=CVE-2025-38293 - https://www.cve.org/CVERecord?id=CVE-2025-38295 - https://www.cve.org/CVERecord?id=CVE-2025-38298 - https://www.cve.org/CVERecord?id=CVE-2025-38300 - https://www.cve.org/CVERecord?id=CVE-2025-38304 - https://www.cve.org/CVERecord?id=CVE-2025-38305 - https://www.cve.org/CVERecord?id=CVE-2025-38307 - https://www.cve.org/CVERecord?id=CVE-2025-38310 -https://www.cve.org/CVERecord?id=CVE-2025-38312 - https://www.cve.org/CVERecord?id=CVE-2025-38313 - https://www.cve.org/CVERecord?id=CVE-2025-38319 - https://www.cve.org/CVERecord?id=CVE-2025-38320 - https://www.cve.org/CVERecord?id=CVE-2025-38321 - https://www.cve.org/CVERecord?id=CVE-2025-38323 - https://www.cve.org/CVERecord?id=CVE-2025-38324 - https://www.cve.org/CVERecord?id=CVE-2025-38326 - https://www.cve.org/CVERecord?id=CVE-2025-38328 - https://www.cve.org/CVERecord?id=CVE-2025-38331 - https://www.cve.org/CVERecord?id=CVE-2025-38332 - https://www.cve.org/CVERecord?id=CVE-2025-38334 - https://www.cve.org/CVERecord?id=CVE-2025-38336 - https://www.cve.org/CVERecord?id=CVE-2025-38337 - https://www.cve.org/CVERecord?id=CVE-2025-38338 - https://www.cve.org/CVERecord?id=CVE-2025-38342 - https://www.cve.org/CVERecord?id=CVE-2025-38343 - https://www.cve.org/CVERecord?id=CVE-2025-38344 - https://www.cve.org/CVERecord?id=CVE-2025-38345 - https://www.cve.org/CVERecord?id=CVE-2025-38346 - https://www.cve.org/CVERecord?id=CVE-2025-38347 - https://www.cve.org/CVERecord?id=CVE-2025-38348 - https://www.cve.org/CVERecord?id=CVE-2025-38349 - https://www.cve.org/CVERecord?id=CVE-2025-38350 - https://www.cve.org/CVERecord?id=CVE-2025-38352 - https://www.cve.org/CVERecord?id=CVE-2025-38354 - https://www.cve.org/CVERecord?id=CVE-2025-38362 - https://www.cve.org/CVERecord?id=CVE-2025-38363 - https://www.cve.org/CVERecord?id=CVE-2025-38364 - https://www.cve.org/CVERecord?id=CVE-2025-38365 - https://www.cve.org/CVERecord?id=CVE-2025-38368 - https://www.cve.org/CVERecord?id=CVE-2025-38369 - https://www.cve.org/CVERecord?id=CVE-2025-38371 - https://www.cve.org/CVERecord?id=CVE-2025-38375 - https://www.cve.org/CVERecord?id=CVE-2025-38376 - https://www.cve.org/CVERecord?id=CVE-2025-38377 - https://www.cve.org/CVERecord?id=CVE-2025-38379 - https://www.cve.org/CVERecord?id=CVE-2025-38380 - https://www.cve.org/CVERecord?id=CVE-2025-38382 - https://www.cve.org/CVERecord?id=CVE-2025-38384 -https://www.cve.org/CVERecord?id=CVE-2025-38385 - https://www.cve.org/CVERecord?id=CVE-2025-38386 - https://www.cve.org/CVERecord?id=CVE-2025-38387 - https://www.cve.org/CVERecord?id=CVE-2025-38389 - https://www.cve.org/CVERecord?id=CVE-2025-38391 - https://www.cve.org/CVERecord?id=CVE-2025-38393 - https://www.cve.org/CVERecord?id=CVE-2025-38395 - https://www.cve.org/CVERecord?id=CVE-2025-38396 - https://www.cve.org/CVERecord?id=CVE-2025-38399 - https://www.cve.org/CVERecord?id=CVE-2025-38400 - https://www.cve.org/CVERecord?id=CVE-2025-38401 - https://www.cve.org/CVERecord?id=CVE-2025-38403 - https://www.cve.org/CVERecord?id=CVE-2025-38404 - https://www.cve.org/CVERecord?id=CVE-2025-38406 - https://https://www.cve.org/CVERecord?id=CVE-2025-38409 - https://www.cve.org/CVERecord?id=CVE-2025-38410 - https://www.cve.org/CVERecord?id=CVE-2025-38412 - https://www.cve.org/CVERecord?id=CVE-2025-38415 - https://www.cve.org/CVERecord?id=CVE-2025-38416 - https://www.cve.org/CVERecord?id=CVE-2025-38418 - https://www.cve.org/CVERecord?id=CVE-2025-38419 - https://www.cve.org/CVERecord?id=CVE-2025-38420 - https://www.cve.org/CVERecord?id=CVE-2025-38422 - https://www.cve.org/CVERecord?id=CVE-2025-38424 - https://www.cve.org/CVERecord?id=CVE-2025-38425 - https://www.cve.org/CVERecord?id=CVE-2025-38427 - https://www.cve.org/CVERecord?id=CVE-2025-38428 - https://www.cve.org/CVERecord?id=CVE-2025-38429 - https://www.cve.org/CVERecord?id=CVE-2025-38430 - https://www.cve.org/CVERecord?id=CVE-2025-38436 - https://www.cve.org/CVERecord?id=CVE-2025-38437 - https://www.cve.org/CVERecord?id=CVE-2025-38439 - https://www.cve.org/CVERecord?id=CVE-2025-38441 - https://www.cve.org/CVERecord?id=CVE-2025-38443 - https://www.cve.org/CVERecord?id=CVE-2025-38444 - https://www.cve.org/CVERecord?id=CVE-2025-38445 - https://www.cve.org/CVERecord?id=CVE-2025-38448 - https://www.cve.org/CVERecord?id=CVE-2025-38449 - https://www.cve.org/CVERecord?id=CVE-2025-38451 - https://www.cve.org/CVERecord?id=CVE-2025-38455 -https://www.cve.org/CVERecord?id=CVE-2025-38456 - https://www.cve.org/CVERecord?id=CVE-2025-38457 - https://www.cve.org/CVERecord?id=CVE-2025-38458 - https://www.cve.org/CVERecord?id=CVE-2025-38459 - https://www.cve.org/CVERecord?id=CVE-2025-38460 - https://www.cve.org/CVERecord?id=CVE-2025-38461 - https://www.cve.org/CVERecord?id=CVE-2025-38462 - https://www.cve.org/CVERecord?id=CVE-2025-38463 - https://www.cve.org/CVERecord?id=CVE-2025-38464 - https://www.cve.org/CVERecord?id=CVE-2025-38465 - https://www.cve.org/CVERecord?id=CVE-2025-38466 - https://www.cve.org/CVERecord?id=CVE-2025-38467 - https://www.cve.org/CVERecord?id=CVE-2025-38468 - https://www.cve.org/CVERecord?id=CVE-2025-38469 - https://www.cve.org/CVERecord?id=CVE-2025-38470 - https://www.cve.org/CVERecord?id=CVE-2025-38471 - https://www.cve.org/CVERecord?id=CVE-2025-38472 - https://www.cve.org/CVERecord?id=CVE-2025-38473 - https://www.cve.org/CVERecord?id=CVE-2025-38474 - https://www.cve.org/CVERecord?id=CVE-2025-38476 - https://www.cve.org/CVERecord?id=CVE-2025-38477 - https://www.cve.org/CVERecord?id=CVE-2025-38478 - https://www.cve.org/CVERecord?id=CVE-2025-38480 - https://www.cve.org/CVERecord?id=CVE-2025-38481 - https://www.cve.org/CVERecord?id=CVE-2025-38482 - https://www.cve.org/CVERecord?id=CVE-2025-38483 - https://www.cve.org/CVERecord?id=CVE-2025-38485 - https://www.cve.org/CVERecord?id=CVE-2025-38487 - https://www.cve.org/CVERecord?id=CVE-2025-38488 - https://www.cve.org/CVERecord?id=CVE-2025-38489 - https://www.cve.org/CVERecord?id=CVE-2025-38490 - https://www.cve.org/CVERecord?id=CVE-2025-38493 - https://www.cve.org/CVERecord?id=CVE-2025-38494 - https://www.cve.org/CVERecord?id=CVE-2025-38495 - https://www.cve.org/CVERecord?id=CVE-2025-38496 - https://www.cve.org/CVERecord?id=CVE-2025-38497 - https://www.cve.org/CVERecord?id=CVE-2025-38498 SRPMS: - 9/core/kernel-linus-6.6.101-1.mga9 . Mageia 9 kernel-linus upgrade addresses numerous vital security vulnerabilities for enhanced safeguarding.. Mageia kernel update security threatsvulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Aug 11, 2025 Critical Mageia
202

openSUSE: 2025:15300-2 moderate: python38 various vulnerabilities

An update that solves 4 vulnerabilities can now be installed.. # python39-3.9.23-3.1 on GA media Announcement ID: openSUSE-SU-2025:15290-1 Rating: moderate Cross-References: * CVE-2024-12718 * CVE-2025-4330 * CVE-2025-4517 * CVE-2025-6069 CVSS scores: * CVE-2024-12718 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-4330 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-4517 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-4517 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H Affected Products: * openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the python39-3.9.23-3.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python39 3.9.23-3.1 * python39-curses 3.9.23-3.1 * python39-dbm 3.9.23-3.1 * python39-idle 3.9.23-3.1 * python39-tk 3.9.23-3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12718.html * https://www.suse.com/security/cve/CVE-2025-4330.html * https://www.suse.com/security/cve/CVE-2025-4517.html * https://www.suse.com/security/cve/CVE-2025-6069.html . This announcement features an important security enhancement for openSUSE Tumbleweed, tackling weaknesses found within the python39 package.. openSUSE security updates, python39 threats, moderate risks, update advisory. . LinuxSecurity.com Team

Calendar%202 Jul 05, 2025 OpenSUSE
91

Gentoo: GLSA 202505-01 High Severity: PAM Multiple Threats

Multiple vulnerabilities have been discovered in PAM, the worst of which could lead to password leakage.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202505-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: PAM: Multiple Vulnerabilities Date: May 12, 2025 Bugs: #922397, #942075 ID: 202505-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in PAM, the worst of which could lead to password leakage. Background ========== PAM (Pluggable Authentication Modules) is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Affected packages ================= Package Vulnerable Unaffected ------------ ----------------- ------------------ sys-libs/pam < 1.7.0_p20241230 > = 1.7.0_p20241230 Description =========== Multiple vulnerabilities have been discovered in PAM. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All PAM users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =sys-libs/pam-1.7.0_p20241230" References ========== [ 1 ] CVE-2024-10041 https://nvd.nist.gov/vuln/detail/CVE-2024-10041 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202505-01 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of ourusers' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2025 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Uncover a range of critical weaknesses in PAM that might result in credential exposure and pose serious security threats.. PAM vulnerabilities, Gentoo security, password leakage, authentication issues, PAM updates. . LinuxSecurity.com Team

Calendar%202 May 12, 2025 Gentoo
91

Gentoo: GLSA 202408-11 Normal: Aiohttp Threats Explained

Multiple vulnerabilities have been discovered in aiohttp, the worst of which could lead to service compromise.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202408-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: aiohttp: Multiple Vulnerabilities Date: August 07, 2024 Bugs: #918541, #918968, #931097 ID: 202408-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in aiohttp, the worst of which could lead to service compromise. Background ========== aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Affected packages ================= Package Vulnerable Unaffected ------------------ ------------ ------------ dev-python/aiohttp < 3.9.4 > = 3.9.4 Description =========== Multiple vulnerabilities have been discovered in aiohttp. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All aiohttp users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-python/aiohttp-3.9.4" References ========== [ 1 ] CVE-2023-47641 https://nvd.nist.gov/vuln/detail/CVE-2023-47641 [ 2 ] CVE-2023-49082 https://nvd.nist.gov/vuln/detail/CVE-2023-49082 [ 3 ] CVE-2024-30251 https://nvd.nist.gov/vuln/detail/CVE-2024-30251 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202408-11 Concerns? ========= Security is a primary focus of Gentoo Linux andensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Explore the Gentoo Linux Security Notice GLSA 202408-12 regarding aiohttp flaws impacting system integrity.. Gentoo Security Advisory,aiohttp threats,multiple threats,service compromise. . LinuxSecurity.com Team

Calendar%202 Aug 07, 2024 Gentoo
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200