# NewNet Lithium SMSC | OS Security Update Release Notes --- **OS Security Update Release Notes** Release Date: April 2026 OS Update Cycle: 202604 (yyyyMM) Document Version: 1.0 --- ## Table of Contents 1. Introduction - 1.1 About this Document - 1.2 Scope - 1.3 Intended Audience 2. Summary 3. CVEs Addressed 4. RPM Packages 5. Known Issues 6. Conclusion 7. Method of Procedure (MoP) --- ## 1. Introduction ### 1.1 About this Document This document details the OS-level security updates applied to NewNet Lithium SMSC nodes in the 202604 update cycle. It lists the CVEs addressed and the RPM packages used to remediate them. ### 1.2 Scope This update covers RHEL8 security patches only. No Lithium application-layer changes are included. Packages were sourced from the Red Hat subscription network and delivered via the NewNet managed RPM pipeline. ### 1.3 Intended Audience - **Maintenance Engineers** – for applying OS patches and troubleshooting. - **Network Operators** – for scheduling maintenance windows. - **Security Teams** – for audit and compliance tracking. --- ## 2. Summary This OS update addresses **1044** CVE(s) detected in the 202604 scan cycle. | Item | Value | |------|-------| | Update cycle | 202604 | | CVEs addressed | 1044 | | RPM packages updated | 210 | | RHEL version | 8.x | | Critical | 30 | | High | 338 | | Medium | 575 | | Low | 30 | | N/A (no CVSS v3) | 71 | --- ## 3. CVEs Addressed | CVE ID | Severity | CVSS Score | Affected Package(s) | Description | Link | |--------|----------|-----------|---------------------|-------------|------| | CVE-2025-68121 | CRITICAL | 10.0 | rhc | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-68121) | | CVE-2025-6965 | CRITICAL | 9.8 | sqlite, sqlite-libs | There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-6965) | | CVE-2025-68615 | CRITICAL | 9.8 | net-snmp, net-snmp-agent-libs, net-snmp-libs, net-snmp-perl, net-snmp-utils | net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-68615) | | CVE-2024-6602 | CRITICAL | 9.8 | unknown | A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-6602) | | CVE-2024-52533 | CRITICAL | 9.8 | glib2 | gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-52533) | | CVE-2024-47615 | CRITICAL | 9.8 | gstreamer1-plugins-base | GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-47615) | | CVE-2024-47607 | CRITICAL | 9.8 | gstreamer1-plugins-base | GStreamer is a library for constructing graphs of media-handling components. stack-buffer overflow has been detected in the gst_opus_dec_parse_header. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-47607) | | CVE-2024-47538 | CRITICAL | 9.8 | gstreamer1-plugins-base | GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-47538) | | CVE-2024-45492 | CRITICAL | 9.8 | expat | An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-45492) | | CVE-2024-45491 | CRITICAL | 9.8 | expat | An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-45491) | | CVE-2024-39331 | CRITICAL | 9.8 | emacs-filesystem | In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39331) | | CVE-2024-38541 | CRITICAL | 9.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38541) | | CVE-2024-38476 | CRITICAL | 9.8 | httpd, httpd-filesystem, httpd-tools, mod_ssl | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38476) | | CVE-2024-38474 | CRITICAL | 9.8 | httpd, httpd-filesystem, httpd-tools, mod_ssl | Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38474) | | CVE-2021-47548 | CRITICAL | 9.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47548) | | CVE-2020-26154 | CRITICAL | 9.8 | unknown | url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2020-26154) | | CVE-2019-12900 | CRITICAL | 9.8 | bzip2, bzip2, bzip2-libs, bzip2-libs | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2019-12900) | | CVE-2025-4517 | CRITICAL | 9.4 | platform-python, python3-libs | Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-4517) | | CVE-2025-49796 | CRITICAL | 9.1 | libxml2 | A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-49796) | | CVE-2025-49794 | CRITICAL | 9.1 | libxml2 | A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-49794) | | CVE-2025-23048 | CRITICAL | 9.1 | httpd, httpd-filesystem, httpd-tools, mod_http2, mod_ssl | In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-23048) | | CVE-2024-5535 | CRITICAL | 9.1 | mysql-common, mysql-libs, openssl, openssl-libs | Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-5535) | | CVE-2024-38475 | CRITICAL | 9.1 | httpd, httpd-filesystem, httpd-tools, mod_ssl | Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38475) | | CVE-2024-38428 | CRITICAL | 9.1 | wget | url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38428) | | CVE-2024-37371 | CRITICAL | 9.1 | krb5-libs, mysql-common, mysql-libs | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-37371) | | CVE-2024-36896 | CRITICAL | 9.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36896) | | CVE-2024-35960 | CRITICAL | 9.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, add_rule_fg would.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35960) | | CVE-2024-35845 | CRITICAL | 9.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35845) | | CVE-2023-52832 | CRITICAL | 9.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We can get a. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52832) | | CVE-2024-3596 | CRITICAL | 9.0 | krb5-libs | RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject,. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-3596) | | CVE-2026-23193 | HIGH | 8.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-23193) | | CVE-2025-9900 | HIGH | 8.8 | libtiff | A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-9900) | | CVE-2025-47273 | HIGH | 8.8 | platform-python-setuptools, python3-setuptools, python3-setuptools-wheel | setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-47273) | | CVE-2025-1244 | HIGH | 8.8 | emacs-filesystem | A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-1244) | | CVE-2025-11561 | HIGH | 8.8 | libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_sudo, python3-sssdconfig, sssd, sssd-ad, sssd-client, sssd-common, sssd-common-pac, sssd-ipa, sssd-kcm, sssd-krb5, sssd-krb5-common, sssd-ldap, sssd-nfs-idmap, sssd-proxy | A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-11561) | | CVE-2024-35854 | HIGH | 8.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35854) | | CVE-2024-35814 | HIGH | 8.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35814) | | CVE-2024-25744 | HIGH | 8.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-25744) | | CVE-2023-52798 | HIGH | 8.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52798) | | CVE-2016-9840 | HIGH | 8.8 | rsync | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2016-9840) | | CVE-2024-47175 | HIGH | 8.6 | cups-client, cups-libs | CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-47175) | | CVE-2024-39936 | HIGH | 8.6 | qt5-qtbase, qt5-qtbase-common, qt5-qtbase-gui | An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3.... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39936) | | CVE-2024-32487 | HIGH | 8.6 | less | less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-32487) | | CVE-2024-2398 | HIGH | 8.6 | curl, libcurl | When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-2398) | | CVE-2022-48754 | HIGH | 8.4 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48754) | | CVE-2021-47456 | HIGH | 8.4 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47456) | | CVE-2025-58098 | HIGH | 8.3 | httpd, httpd-filesystem, httpd-tools, mod_http2, mod_ssl | Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-58098) | | CVE-2023-43758 | HIGH | 8.2 | unknown | Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-43758) | | CVE-2026-25646 | HIGH | 8.1 | libpng | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-25646) | | CVE-2025-5318 | HIGH | 8.1 | libssh, libssh-config | A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-5318) | | CVE-2025-50106 | HIGH | 8.1 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-50106) | | CVE-2025-30749 | HIGH | 8.1 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-30749) | | CVE-2025-27363 | HIGH | 8.1 | freetype | An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-27363) | | CVE-2024-5564 | HIGH | 8.1 | libndp | A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-5564) | | CVE-2024-38473 | HIGH | 8.1 | httpd, httpd-filesystem, httpd-tools, mod_ssl | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38473) | | CVE-2024-33599 | HIGH | 8.1 | glibc, glibc-common, glibc-gconv-extra, glibc-langpack-en, libnsl, nscd | nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-33599) | | CVE-2022-49043 | HIGH | 8.1 | libxml2 | xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-49043) | | CVE-2020-13790 | HIGH | 8.1 | libjpeg-turbo | libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2020-13790) | | CVE-2019-17543 | HIGH | 8.1 | lz4-libs | LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2019-17543) | | CVE-2025-58060 | HIGH | 8.0 | cups-client, cups-libs | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-58060) | | CVE-2024-1488 | HIGH | 8.0 | python3-unbound, unbound-libs | A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-1488) | | CVE-2022-50386 | HIGH | 8.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-50386) | | CVE-2026-23231 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-23231) | | CVE-2026-23209 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-23209) | | CVE-2026-23074 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-23074) | | CVE-2026-23001 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-23001) | | CVE-2025-8941 | HIGH | 7.8 | pam, pam-devel | A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-8941) | | CVE-2025-7425 | HIGH | 7.8 | libxml2 | A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-7425) | | CVE-2025-71238 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free Kernel panic observed on... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-71238) | | CVE-2025-68973 | HIGH | 7.8 | gnupg2, gnupg2-smime | In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-68973) | | CVE-2025-61662 | HIGH | 7.8 | grub2-common, grub2-pc, grub2-pc-modules, grub2-tools, grub2-tools-extra, grub2-tools-minimal | A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-61662) | | CVE-2025-6020 | HIGH | 7.8 | pam, pam, pam-devel, pam-devel | A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-6020) | | CVE-2025-5914 | HIGH | 7.8 | libarchive | A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-5914) | | CVE-2025-4802 | HIGH | 7.8 | glibc, glibc-common, glibc-gconv-extra, glibc-langpack-en, libnsl, nscd | Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-4802) | | CVE-2025-39955 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39955) | | CVE-2025-39864 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free() quirk... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39864) | | CVE-2025-39849 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39849) | | CVE-2025-39841 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39841) | | CVE-2025-39730 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() The function needs to... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39730) | | CVE-2025-38724 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Lei Lu... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38724) | | CVE-2025-38718 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38718) | | CVE-2025-38527 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38527) | | CVE-2025-38464 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). syzbot reported a null-ptr-deref... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38464) | | CVE-2025-38459 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clip_push(). syzbot reported the splat.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38459) | | CVE-2025-38415 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sb_min_blocksize Syzkaller reports an "UBSAN:... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38415) | | CVE-2025-38403 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38403) | | CVE-2025-38350 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38350) | | CVE-2025-38250 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38250) | | CVE-2025-38248 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration The bridge... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38248) | | CVE-2025-38211 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction The commit.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38211) | | CVE-2025-38180 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38180) | | CVE-2025-38129 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38129) | | CVE-2025-38079 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38079) | | CVE-2025-38052 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done Syzbot reported.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38052) | | CVE-2025-38024 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug Call Trace:... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38024) | | CVE-2025-38022 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38022) | | CVE-2025-37914 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc As... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-37914) | | CVE-2025-37890 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-37890) | | CVE-2025-37823 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too Similarly to the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-37823) | | CVE-2025-37797 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-37797) | | CVE-2025-37738 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-37738) | | CVE-2025-24928 | HIGH | 7.8 | libxml2 | libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-24928) | | CVE-2025-24855 | HIGH | 7.8 | libxslt | numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-24855) | | CVE-2025-22097 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-22097) | | CVE-2025-22020 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove This... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-22020) | | CVE-2025-22004 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-22004) | | CVE-2025-21991 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21991) | | CVE-2025-21928 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21928) | | CVE-2025-21919 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21919) | | CVE-2025-21785 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21785) | | CVE-2025-21764 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21764) | | CVE-2025-21759 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21759) | | CVE-2025-21756 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21756) | | CVE-2025-21727 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug was found when run ltp test: BUG: KASAN:.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21727) | | CVE-2024-9287 | HIGH | 7.8 | platform-python, python3-libs | A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-9287) | | CVE-2024-58002 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-58002) | | CVE-2024-57980 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-57980) | | CVE-2024-57979 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-57979) | | CVE-2024-56171 | HIGH | 7.8 | libxml2 | libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-56171) | | CVE-2024-55549 | HIGH | 7.8 | libxslt | xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-55549) | | CVE-2024-53920 | HIGH | 7.8 | emacs-filesystem | In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-53920) | | CVE-2024-53197 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-53197) | | CVE-2024-53141 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-53141) | | CVE-2024-53104 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-53104) | | CVE-2024-50264 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-50264) | | CVE-2024-45026 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices Extent... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-45026) | | CVE-2024-4453 | HIGH | 7.8 | gstreamer1-plugins-base | GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-4453) | | CVE-2024-43842 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-43842) | | CVE-2024-43830 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-43830) | | CVE-2024-42301 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-42301) | | CVE-2024-42284 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str(). | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-42284) | | CVE-2024-42159 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise num_phys Information is stored in mr_sas_port->phy_mask,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-42159) | | CVE-2024-41092 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers CI has been... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41092) | | CVE-2024-41042 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prefer nft_chain_validate nft_chain_validate already... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41042) | | CVE-2024-41039 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking that... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41039) | | CVE-2024-40989 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40989) | | CVE-2024-40974 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size plpar_hcall(),... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40974) | | CVE-2024-40958 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning:... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40958) | | CVE-2024-40954 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It is... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40954) | | CVE-2024-40927 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40927) | | CVE-2024-40906 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40906) | | CVE-2024-40901 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory There is a.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40901) | | CVE-2024-39502 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netif_napi_del() When queues are started, netif_napi_add()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39502) | | CVE-2024-38627 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The put_device(&stm->dev)... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38627) | | CVE-2024-38586 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38586) | | CVE-2024-38581 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38581) | | CVE-2024-38570 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM lockspace is... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38570) | | CVE-2024-38555 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error Fix use after free when... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38555) | | CVE-2024-36979 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36979) | | CVE-2024-36978 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36978) | | CVE-2024-36971 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36971) | | CVE-2024-36940 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36940) | | CVE-2024-36921 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard against invalid. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36921) | | CVE-2024-36904 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36904) | | CVE-2024-36886 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36886) | | CVE-2024-35855 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update The.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35855) | | CVE-2024-35847 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35847) | | CVE-2024-35789 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35789) | | CVE-2024-27395 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-27395) | | CVE-2024-27065 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-27065) | | CVE-2024-27043 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-27043) | | CVE-2024-26961 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26961) | | CVE-2024-26958 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26958) | | CVE-2024-26934 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26934) | | CVE-2024-26933 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port "disable" sysfs attribute The show and store... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26933) | | CVE-2024-26907 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------[... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26907) | | CVE-2024-26892 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26892) | | CVE-2024-26852 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26852) | | CVE-2024-26782 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26782) | | CVE-2024-26704 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26704) | | CVE-2024-26694 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix double-free bug The storage for the TLV PC register data... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26694) | | CVE-2024-26610 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26610) | | CVE-2023-6597 | HIGH | 7.8 | platform-python, python3-libs | An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-6597) | | CVE-2023-6040 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-6040) | | CVE-2023-53673 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-53673) | | CVE-2023-53621 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: memcontrol: ensure memcg acquired by id is properly set up In the eviction... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-53621) | | CVE-2023-53552 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-53552) | | CVE-2023-53386 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-53386) | | CVE-2023-53373 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-53373) | | CVE-2023-53305 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-53305) | | CVE-2023-53257 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-53257) | | CVE-2023-52922 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52922) | | CVE-2023-52864 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52864) | | CVE-2023-52840 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() The... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52840) | | CVE-2023-52835 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52835) | | CVE-2023-52796 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52796) | | CVE-2023-52777 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52777) | | CVE-2023-52775 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline We found a data corruption issue. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52775) | | CVE-2023-52764 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52764) | | CVE-2023-52707 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root cgroup gets. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52707) | | CVE-2023-52679 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in of_parse_phandle_with_args_map In... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52679) | | CVE-2023-52669 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52669) | | CVE-2023-52667 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52667) | | CVE-2023-52594 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus(). | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52594) | | CVE-2023-52530 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52530) | | CVE-2023-52469 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52469) | | CVE-2023-52464 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52464) | | CVE-2023-52451 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52451) | | CVE-2023-52445 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52445) | | CVE-2023-52439 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1\t\t\t\tcore-2... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52439) | | CVE-2022-50543 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-50543) | | CVE-2022-50367 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-50367) | | CVE-2022-50087 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-50087) | | CVE-2022-50072 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-50072) | | CVE-2022-49846 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() Syzbot reported a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-49846) | | CVE-2022-49136 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-49136) | | CVE-2022-49111 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl This fixes the following trace... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-49111) | | CVE-2022-49058 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning:... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-49058) | | CVE-2022-48919 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48919) | | CVE-2022-48632 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48632) | | CVE-2022-48624 | HIGH | 7.8 | less | close_altfile in filename.c in less before 606 omits shell_quote calls for... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48624) | | CVE-2022-48622 | HIGH | 7.8 | gdk-pixbuf2, gdk-pixbuf2-modules | In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48622) | | CVE-2021-47670 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb),... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47670) | | CVE-2021-47609 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without the bound... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47609) | | CVE-2021-47497 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits'.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47497) | | CVE-2021-47386 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47386) | | CVE-2021-47352 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47352) | | CVE-2021-47338 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: fbmem: Do not delete the mode that is still in use The execution of... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47338) | | CVE-2021-47321 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47321) | | CVE-2021-47311 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47311) | | CVE-2021-47310 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47310) | | CVE-2021-47118 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47118) | | CVE-2021-47013 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send In... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47013) | | CVE-2021-46984 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge() gets... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-46984) | | CVE-2020-16156 | HIGH | 7.8 | perl-CPAN | CPAN 2.28 allows Signature Verification... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2020-16156) | | CVE-2019-25162 | HIGH | 7.8 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2019-25162) | | CVE-2025-13601 | HIGH | 7.7 | glib2 | A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-13601) | | CVE-2024-36016 | HIGH | 7.7 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following:.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36016) | | CVE-2021-47356 | HIGH | 7.7 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47356) | | CVE-2025-0624 | HIGH | 7.6 | grub2-common, grub2-pc, grub2-pc-modules, grub2-tools, grub2-tools-extra, grub2-tools-minimal | A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-0624) | | CVE-2024-3661 | HIGH | 7.6 | NetworkManager, NetworkManager-libnm, NetworkManager-team, NetworkManager-tui | DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-3661) | | CVE-2026-22998 | HIGH | 7.5 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Commit... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-22998) | | CVE-2026-21945 | HIGH | 7.5 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security).... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-21945) | | CVE-2026-21441 | HIGH | 7.5 | python3-urllib3 | urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-21441) | | CVE-2026-0915 | HIGH | 7.5 | glibc, glibc-common, glibc-gconv-extra, glibc-langpack-en, libnsl, nscd | Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-0915) | | CVE-2025-9230 | HIGH | 7.5 | openssl, openssl-libs | Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-9230) | | CVE-2025-9086 | HIGH | 7.5 | curl, libcurl | 1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or otherwise made to speak with `http://target` (same... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-9086) | | CVE-2025-8194 | HIGH | 7.5 | platform-python, python3-libs | There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-8194) | | CVE-2025-7345 | HIGH | 7.5 | gdk-pixbuf2, gdk-pixbuf2-modules | A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-7345) | | CVE-2025-66471 | HIGH | 7.5 | python3-urllib3 | urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-66471) | | CVE-2025-66418 | HIGH | 7.5 | python3-urllib3 | urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-66418) | | CVE-2025-61729 | HIGH | 7.5 | rhc | Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-61729) | | CVE-2025-61726 | HIGH | 7.5 | rhc | The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-61726) | | CVE-2025-6021 | HIGH | 7.5 | libxml2 | A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-6021) | | CVE-2025-59375 | HIGH | 7.5 | expat | libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-59375) | | CVE-2025-55753 | HIGH | 7.5 | httpd, httpd-filesystem, httpd-tools, mod_http2, mod_ssl | An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-55753) | | CVE-2025-53066 | HIGH | 7.5 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-53066) | | CVE-2025-49630 | HIGH | 7.5 | httpd, httpd-filesystem, httpd-tools, mod_http2, mod_ssl | In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-49630) | | CVE-2025-4435 | HIGH | 7.5 | platform-python, python3-libs | When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-4435) | | CVE-2025-4330 | HIGH | 7.5 | platform-python, python3-libs | Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-4330) | | CVE-2025-4138 | HIGH | 7.5 | platform-python, python3-libs | Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-4138) | | CVE-2025-21521 | HIGH | 7.5 | mysql-common, mysql-libs | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21521) | | CVE-2025-15281 | HIGH | 7.5 | glibc, glibc-common, glibc-gconv-extra, glibc-langpack-en, libnsl, nscd | Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-15281) | | CVE-2024-8176 | HIGH | 7.5 | expat | A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-8176) | | CVE-2024-7006 | HIGH | 7.5 | libtiff | A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-7006) | | CVE-2024-6232 | HIGH | 7.5 | platform-python, python3-libs | There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-6232) | | CVE-2024-47252 | HIGH | 7.5 | httpd, httpd-filesystem, httpd-tools, mod_http2, mod_ssl | Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-47252) | | CVE-2024-45490 | HIGH | 7.5 | expat | An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-45490) | | CVE-2024-42225 | HIGH | 7.5 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero Avoid potentially reusing... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-42225) | | CVE-2024-4032 | HIGH | 7.5 | platform-python, python3-libs | The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable”.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-4032) | | CVE-2024-39573 | HIGH | 7.5 | httpd, httpd-filesystem, httpd-tools, mod_ssl | Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39573) | | CVE-2024-38573 | HIGH | 7.5 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference cppc_cpufreq_get_rate() and... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38573) | | CVE-2024-38477 | HIGH | 7.5 | httpd, httpd-filesystem, httpd-tools, mod_ssl | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38477) | | CVE-2024-37370 | HIGH | 7.5 | krb5-libs | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-37370) | | CVE-2024-3651 | HIGH | 7.5 | python3-idna | A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-3651) | | CVE-2024-29214 | HIGH | 7.5 | unknown | Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-29214) | | CVE-2024-28757 | HIGH | 7.5 | expat | libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-28757) | | CVE-2024-28127 | HIGH | 7.5 | unknown | Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-28127) | | CVE-2024-26461 | HIGH | 7.5 | krb5-libs | Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26461) | | CVE-2024-25062 | HIGH | 7.5 | libxml2 | An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-25062) | | CVE-2024-24582 | HIGH | 7.5 | unknown | Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-24582) | | CVE-2024-21823 | HIGH | 7.5 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-21823) | | CVE-2024-12085 | HIGH | 7.5 | rsync | A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-12085) | | CVE-2023-52356 | HIGH | 7.5 | libtiff | A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52356) | | CVE-2023-37920 | HIGH | 7.5 | unknown | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-37920) | | CVE-2023-34440 | HIGH | 7.5 | unknown | Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-34440) | | CVE-2023-31315 | HIGH | 7.5 | iwl100-firmware, iwl1000-firmware, iwl105-firmware, iwl135-firmware, iwl2000-firmware, iwl2030-firmware, iwl3160-firmware, iwl5000-firmware, iwl5150-firmware, iwl6000-firmware, iwl6000g2a-firmware, iwl6050-firmware, iwl7260-firmware, linux-firmware | Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-31315) | | CVE-2023-2953 | HIGH | 7.5 | openldap | A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-2953) | | CVE-2022-48747 | HIGH | 7.5 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48747) | | CVE-2022-3064 | HIGH | 7.5 | rhc | Parsing malicious or large YAML documents can consume excessive amounts of CPU or... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-3064) | | CVE-2022-23990 | HIGH | 7.5 | expat | Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-23990) | | CVE-2020-25219 | HIGH | 7.5 | unknown | url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2020-25219) | | CVE-2025-69419 | HIGH | 7.4 | openssl, openssl-libs | Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-69419) | | CVE-2025-49812 | HIGH | 7.4 | httpd, httpd-filesystem, httpd-tools, mod_http2, mod_ssl | In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-49812) | | CVE-2025-38352 | HIGH | 7.4 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38352) | | CVE-2025-21587 | HIGH | 7.4 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21587) | | CVE-2024-33602 | HIGH | 7.4 | glibc, glibc-common, glibc-gconv-extra, glibc-langpack-en, libnsl, nscd | nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-33602) | | CVE-2024-27052 | HIGH | 7.4 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-27052) | | CVE-2024-21147 | HIGH | 7.4 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-21147) | | CVE-2024-20952 | HIGH | 7.4 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security).... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-20952) | | CVE-2024-20918 | HIGH | 7.4 | java, java | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-20918) | | CVE-2024-10963 | HIGH | 7.4 | pam, pam-devel | A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-10963) | | CVE-2023-0286 | HIGH | 7.4 | compat-openssl10 | There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-0286) | | CVE-2024-33601 | HIGH | 7.3 | glibc, glibc-common, glibc-gconv-extra, glibc-langpack-en, libnsl, nscd | nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-33601) | | CVE-2024-2961 | HIGH | 7.3 | glibc, glibc-common, glibc-gconv-extra, glibc-langpack-en, libnsl, nscd | The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-2961) | | CVE-2024-2947 | HIGH | 7.3 | cockpit, cockpit-bridge, cockpit-system, cockpit-ws | A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability,... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-2947) | | CVE-2023-38709 | HIGH | 7.3 | httpd, httpd-filesystem, httpd-tools, mod_ssl | Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-38709) | | CVE-2021-47441 | HIGH | 7.3 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47441) | | CVE-2026-23204 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2026-23204) | | CVE-2025-66293 | HIGH | 7.1 | libpng | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-66293) | | CVE-2025-65018 | HIGH | 7.1 | java, java, libpng | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-65018) | | CVE-2025-64720 | HIGH | 7.1 | java, java, libpng | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-64720) | | CVE-2025-39883 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39883) | | CVE-2025-39817 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39817) | | CVE-2025-39760 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39760) | | CVE-2025-39757 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-39757) | | CVE-2025-38556 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38556) | | CVE-2025-38159 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38159) | | CVE-2025-24528 | HIGH | 7.1 | krb5-libs | In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-24528) | | CVE-2025-21905 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-21905) | | CVE-2024-53150 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-53150) | | CVE-2024-50301 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-50301) | | CVE-2024-42292 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-42292) | | CVE-2024-42094 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-42094) | | CVE-2024-41091 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41091) | | CVE-2024-41090 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41090) | | CVE-2024-41014 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data There is a lack of... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41014) | | CVE-2024-41013 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block This adds sanity checks for. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41013) | | CVE-2024-40978 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40978) | | CVE-2024-40929 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-40929) | | CVE-2024-39499 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver() Coverity... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39499) | | CVE-2024-39487 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39487) | | CVE-2024-39471 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds if the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39471) | | CVE-2024-38538 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-38538) | | CVE-2024-36960 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36960) | | CVE-2024-36883 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init net_alloc_generic is called by... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-36883) | | CVE-2024-35939 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35939) | | CVE-2024-35937 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like there's... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35937) | | CVE-2024-35896 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple syzbot reports.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-35896) | | CVE-2024-30205 | HIGH | 7.1 | emacs-filesystem | In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-30205) | | CVE-2024-26982 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26982) | | CVE-2024-26669 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26669) | | CVE-2024-26665 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26665) | | CVE-2024-26664 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access Fix a bug that pdata->cpu_map[]. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26664) | | CVE-2024-26593 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets,. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26593) | | CVE-2023-52626 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52626) | | CVE-2023-52598 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52598) | | CVE-2023-52565 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is bigger than... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52565) | | CVE-2023-48161 | HIGH | 7.1 | java, java | Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-48161) | | CVE-2023-3758 | HIGH | 7.1 | libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_sudo, python3-sssdconfig, sssd, sssd-ad, sssd-client, sssd-common, sssd-common-pac, sssd-ipa, sssd-kcm, sssd-krb5, sssd-krb5-common, sssd-ldap, sssd-nfs-idmap, sssd-proxy | A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-3758) | | CVE-2022-49985 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors Hsin-Wei... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-49985) | | CVE-2022-49395 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-49395) | | CVE-2022-48866 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Syzbot reported an. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48866) | | CVE-2022-48760 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48760) | | CVE-2022-48757 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2022-48757) | | CVE-2021-47624 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47624) | | CVE-2021-47393 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47393) | | CVE-2021-47383 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47383) | | CVE-2021-47153 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47153) | | CVE-2021-47101 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read() asix_read_cmd() may read less than... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47101) | | CVE-2021-47097 | HIGH | 7.1 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: Input: elantech - fix stack out of bound access in elantech_change_report_id()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47097) | | CVE-2025-38051 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free in cifs_fill_dirent There is a race condition in.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2025-38051) | | CVE-2024-6655 | HIGH | 7.0 | gtk-update-icon-cache | A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-6655) | | CVE-2024-50275 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-50275) | | CVE-2024-50154 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-50154) | | CVE-2024-46858 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in __timer_delete_sync There are two paths to access... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-46858) | | CVE-2024-42228 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-42228) | | CVE-2024-41040 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix UAF when resolving a clash KASAN reports the following UAF: BUG:... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-41040) | | CVE-2024-39503 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-39503) | | CVE-2024-27397 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-27397) | | CVE-2024-27020 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-27020) | | CVE-2024-26976 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed Always flush... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26976) | | CVE-2024-26974 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery During the PCI AER... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26974) | | CVE-2024-26939 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were.. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26939) | | CVE-2024-26872 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2024-26872) | | CVE-2023-52847 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv->timeout timer There may be some. | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52847) | | CVE-2023-52578 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEV_STATS_INC() syzbot/KCSAN reported data-races in... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2023-52578) | | CVE-2021-47069 | HIGH | 7.0 | bpftool, kernel, kernel-core, kernel-modules, kernel-modules-extra, kernel-tools, kernel-tools-libs, python3-perf | In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry... | [Details](https://nvd.nist.gov/vuln/detail/CVE-2021-47069) | | CVE-2020-11023 | MEDIUM | 6.9 | libgcc, libgomp, libstdc++ | In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing