MSVSphere OS Errata System 1 5.10 2025-12-01T14:19:23 MSVSphere OS 9 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. * CVE-2024-6409 A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server. Moderate Copyright 2024 Softline PJSC CVE-2024-6409 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. * CVE-2024-23638 A flaw was found in Squid, resulting in a potential denial of service attack targeting Cache Manager error responses. This issue enables a trusted client to execute a denial of service by manipulating the generation of error pages for Client Manager reports. * CVE-2024-37894 A flaw was found in Squid. An out-of-bounds write can be triggered when an Edge Side Includes (ESI) variable is assigned to a value not in the standard ASCII range, for example, multi-byte characters. This flaw allows a trusted server to crash Squid while processing an ESI response content, resulting in a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2024-23638 CVE-2024-37894 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-5688 If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5690 By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5691 By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5693 Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5696 By manipulating the text in an `&lt;input&gt;` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5700 Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5702 Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12. Important Copyright 2024 Softline PJSC CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693 CVE-2024-5696 CVE-2024-5700 CVE-2024-5702 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. * CVE-2024-35235 A flaw was found in the cupsd server. When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can perform an arbitrary chmod of the provided argument, providing world-writable access to the target. Since cupsd is often running as root, this issue can result in the change of permission of any user or system files to be world writable. Moderate Copyright 2024 Softline PJSC CVE-2024-35235 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-4032 The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior. Low Copyright 2024 Softline PJSC CVE-2024-4032 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_jk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. * CVE-2023-41081 A vulnerability was found in Apache Tomcat Connectors (mod_jk). Affected versions of this package are vulnerable to information exposure in the mod_jk component. This flaw allows an attacker to exploit the implicit mapping functionality, resulting in the unintended exposure of the status worker and bypassing security constraints configured in httpd. * CVE-2023-6710 A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page. Moderate Copyright 2024 Softline PJSC CVE-2023-41081 CVE-2023-6710 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. * CVE-2024-4467 A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file. Important Copyright 2024 Softline PJSC CVE-2024-4467 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Important Copyright 2024 Softline PJSC CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-4032 The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior. Low Copyright 2024 Softline PJSC CVE-2024-4032 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. * CVE-2024-32462 A flaw was found in Flatpak, a system for building, distributing, and running sandboxed desktop applications on Linux. Normally, the "--command" argument of "flatpak run" expects being given a command to run in the specified Flatpak app, along with optional arguments. However, it is possible to pass bwrap arguments to "--command=" instead, such as "--bind". It is possible to pass an arbitrary "commandline" to the portal interface "org.freedesktop.portal.Background.RequestBackground" within the Flatpak app. This is normally safe because it can only specify a command that exists inside the sandbox. When a crafted "commandline" is converted into a "--command" and arguments, the app could achieve the same effect of passing arguments directly to bwrap to achieve sandbox escape. Important Copyright 2024 Softline PJSC CVE-2024-32462 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. * CVE-2023-31346 A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory. Moderate Copyright 2024 Softline PJSC CVE-2023-31346 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-6601 A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. * CVE-2024-6603 In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. * CVE-2024-6604 Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Important Copyright 2024 Softline PJSC CVE-2024-6601 CVE-2024-6603 CVE-2024-6604 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Important Copyright 2024 Softline PJSC CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Important Copyright 2024 Softline PJSC CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. * CVE-2024-4418 A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being "freed" when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this issue, in theory, allows a user to escape their otherwise limited access. This flaw allows a local, unprivileged user to access virtproxyd without authenticating. Remote users would need to authenticate before they could access it. Moderate Copyright 2024 Softline PJSC CVE-2024-4418 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. * CVE-2023-6185 An improper input validation vulnerability was found in LibreOffice. In versions where filenames are not sufficiently escaped, an attacker can execute arbitrary GStreamer plugins * CVE-2023-6186 An insufficient permission validation vulnerability was found in LibreOffice. In versions that support running commands in hyperlinks, an attacker can execute built-in macros without warning the user. Important Copyright 2024 Softline PJSC CVE-2023-6185 CVE-2023-6186 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. * CVE-2024-37891 A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects. Moderate Copyright 2024 Softline PJSC CVE-2024-37891 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.132 and Runtime 6.0.32. * CVE-2024-38095 .NET and Visual Studio Denial of Service Vulnerability. Moderate Copyright 2024 Softline PJSC CVE-2024-38095 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Important Copyright 2024 Softline PJSC CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Important Copyright 2024 Softline PJSC CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. * CVE-2024-2199 A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. * CVE-2024-3657 A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service Important Copyright 2024 Softline PJSC CVE-2024-2199 CVE-2024-3657 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. * CVE-2024-2947 A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer. Moderate Copyright 2024 Softline PJSC CVE-2024-2947 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2023-39326 A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. * CVE-2023-45287 Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels. Moderate Copyright 2024 Softline PJSC CVE-2023-39326 CVE-2023-45287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors. * CVE-2024-32487 less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. Important Copyright 2024 Softline PJSC CVE-2024-32487 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. * CVE-2024-4367 A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4767 If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4768 A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4769 When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4770 When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4777 Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Important Copyright 2024 Softline PJSC CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769 CVE-2024-4770 CVE-2024-4777 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. * CVE-2024-4367 A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4767 If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4768 A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4769 When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4770 When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. * CVE-2024-4777 Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Important Copyright 2024 Softline PJSC CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769 CVE-2024-4770 CVE-2024-4777 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. * CVE-2022-36765 A flaw was found in the CreateHob() function in EDK2. An attacker, leveraging a local network, can initiate an integer overflow leading to a buffer overflow. This issue arises during size alignment within the CreateHob() function, requiring activation in the PEI phase. Successful exploitation of this flaw poses a moderate threat to confidentiality and integrity, however, the primary consequence is likely a crash or denial of service. * CVE-2023-45236 A security flaw has been identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker to potentially disclose sensitive information. * CVE-2023-45237 A security flaw has been identified in the cryptographic system of EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized remote attacker to potentially expose sensitive information. Moderate Copyright 2024 Softline PJSC CVE-2022-36765 CVE-2023-45236 CVE-2023-45237 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. * CVE-2024-38473 A flaw was found in the mod_proxy module of httpd. Due to an encoding problem, specially crafted request URLs with incorrect encoding can be sent to backend services, potentially bypassing authentication. * CVE-2024-38474 A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be executed as CGI. * CVE-2024-38475 A flaw was found in the mod_rewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure. * CVE-2024-38477 A flaw was found in the mod_proxy module of httpd. A NULL pointer dereference can be triggered when processing a specially crafted HTTP request, causing the httpd server to crash, and resulting in a denial of service. * CVE-2024-39573 A flaw was found in the mod_rewrite module of httpd. A potential SSRF allows an attacker to cause unsafe rules used in the RewriteRule directive to unexpectedly set up URLs to be handled by the mod_proxy module. Important Copyright 2024 Softline PJSC CVE-2024-38473 CVE-2024-38474 CVE-2024-38475 CVE-2024-38477 CVE-2024-39573 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-6601 A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. * CVE-2024-6603 In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. * CVE-2024-6604 Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Important Copyright 2024 Softline PJSC CVE-2024-6601 CVE-2024-6603 CVE-2024-6604 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes * CVE-2024-23672 A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server's performance may degrade significantly, resulting in potential service disruption or unresponsiveness. * CVE-2024-24549 A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn't reset immediately. Instead, the reset action occurs only after all the headers within the request have been processed. This lapse in resetting the stream exposes the system to potential risks, as it allows malicious actors to exploit the delay in stream reset to carry out various attacks, such as header manipulation or resource exhaustion. Bug Fixes and Enhancements * Rebase tomcat to version 9.0.87. * Amend tomcat's changelog so that fixed CVEs are mentioned explicitly. Important Copyright 2024 Softline PJSC CVE-2024-23672 CVE-2024-24549 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. Moderate Copyright 2024 Softline PJSC CVE-2023-27043 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages. * CVE-2024-5564 A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information. Important Copyright 2024 Softline PJSC CVE-2024-5564 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes * CVE-2024-1441 An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash. * CVE-2024-2494 A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash. Bug Fixes * libvirt: off-by-one error in udevListInterfacesByStatus() [rhel-9]. * libvirt: negative g_new0 length can lead to unbounded memory allocation [rhel-9]. Moderate Copyright 2024 Softline PJSC CVE-2024-1441 CVE-2024-2494 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fixes * CVE-2023-4408 A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service. * CVE-2023-50387 Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled. * CVE-2023-50868 A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSEC validation is enabled. * CVE-2023-5517 A flaw was found in the bind package which may result in a Denial of Service in named process. This is a result of a reachable assertion, leading named to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR query, used for a reverse DNS lookup, for a RFC 1918 address that would normally result in an authoritative NXDOMAIN response. A single query matching both conditions can lead to a Denial of Service in the named application. * CVE-2023-5679 A flaw was found in the bind package. This issue may allow an attacker to query in a DNS64 enabled resolver node with a domain name triggering a server-stale data, triggering a code assertion, and resulting in a crash of named processes. This can allow a remote unauthenticated user to cause a Denial Of Service in the DNS server. * CVE-2023-6516 A flaw was found in the named application, part of the bind9 package, which uses a cache database to speeds up DNS queries. To maintain its efficiency when running as a recursive name resolver, named performs a cache database clean up under certain conditions. This issue may allow an attacker to craft a continuous set of crafted queries, which can induce named to trigger the cleanup process with a high frequency, making the internal cleanup items queue to grow indefinitely. This can lead to an uncontrolled memory consumption and resource starvation, potentially making named consume all available memory in the host, leading to a Denial of Service of the targeted system. Bug Fixes * bind-dyndb-ldap: rebuilt to adapt ABI changes in bind Important Copyright 2024 Softline PJSC CVE-2023-4408 CVE-2023-50387 CVE-2023-50868 CVE-2023-5517 CVE-2023-5679 CVE-2023-6516 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and Encryption) standards. * CVE-2024-28102 JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot of memory and processing time. Version 1.5.6 fixes this vulnerability by limiting the maximum token length. Moderate Copyright 2024 Softline PJSC CVE-2024-28102 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2023-45290 When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. * CVE-2024-28176 jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5. * CVE-2024-28180 Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3. Moderate Copyright 2024 Softline PJSC CVE-2023-45290 CVE-2024-28176 CVE-2024-28180 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. * CVE-2024-34064 Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4. Moderate Copyright 2024 Softline PJSC CVE-2024-34064 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes * CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. * CVE-2024-28180 Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3. Bug Fixes * TRIAGE CVE-2024-24786 skopeo: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON. * skopeo: jose-go: improper handling of highly compressed data. Moderate Copyright 2024 Softline PJSC CVE-2024-24786 CVE-2024-28180 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. * CVE-2024-2698 A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request. In FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulting in this mechanism applies in cases where the target service argument is set AND where it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule. * CVE-2024-3183 A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password). Important Copyright 2024 Softline PJSC CVE-2024-2698 CVE-2024-3183 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. * CVE-2023-2975 A vulnerability was found in OpenSSL. The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries, which are unauthenticated as a consequence. Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding, or reordering such empty entries as these are ignored by the OpenSSL implementation. The AES-SIV algorithm allows for the authentication of multiple associated data entries and encryption. To authenticate empty data, the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with a NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL returns success for such a call instead of performing the associated data authentication operation. Thus, the empty data will not be authenticated. * CVE-2023-3446 A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service. * CVE-2023-3817 A vulnerability was found in OpenSSL. This security issue occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service. * CVE-2023-5678 A flaw was found in OpenSSL, which caused the generation or checking of long X9.42 DH keys or parameters to be much slower than expected. This issue could lead to a denial of service. * CVE-2023-6129 A flaw was found in in the POLY1305 MAC (message authentication code) implementation in OpenSSL, affecting applications running on PowerPC CPU-based platforms that utilize vector instructions, and has the potential to corrupt the internal state of these applications. If an attacker can manipulate the utilization of the POLY1305 MAC algorithm, it may lead to the corruption of the application state, resulting in various application-dependent consequences, often resulting in a crash and leading to a denial of service. * CVE-2023-6237 A flaw was found in OpenSSL. When the EVP_PKEY_public_check() function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large prime, this computation takes a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. * CVE-2024-0727 A flaw was found in OpenSSL. The optional ContentInfo fields can be set to null, even if the "type" is a valid value, which can lead to a null dereference error that may cause a denial of service. Low Copyright 2024 Softline PJSC CVE-2023-2975 CVE-2023-3446 CVE-2023-3817 CVE-2023-5678 CVE-2023-6129 CVE-2023-6237 CVE-2024-0727 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. * CVE-2023-38469 A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. * CVE-2023-38470 A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. * CVE-2023-38471 A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. * CVE-2023-38472 A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. * CVE-2023-38473 A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. Moderate Copyright 2024 Softline PJSC CVE-2023-38469 CVE-2023-38470 CVE-2023-38471 CVE-2023-38472 CVE-2023-38473 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. Moderate Copyright 2024 Softline PJSC CVE-2024-24786 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. * CVE-2022-40090 An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file. * CVE-2023-3618 A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service. * CVE-2023-40745 LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. * CVE-2023-41175 A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. * CVE-2023-6228 An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. Moderate Copyright 2024 Softline PJSC CVE-2022-40090 CVE-2023-3618 CVE-2023-40745 CVE-2023-41175 CVE-2023-6228 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. * CVE-2023-39350 This issue affects Clients only. Integer underflow leading to DOS (e.g. abort due to `WINPR_ASSERT` with default compilation flags). When an insufficient blockLen is provided, and proper length validation is not performed, an Integer Underflow occurs, leading to a Denial of Service (DOS) vulnerability. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. * CVE-2023-39351 Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX (rfx) handling. Inside the `rfx_process_message_tileset` function, the program allocates tiles using `rfx_allocate_tiles` for the number of numTiles. If the initialization process of tiles is not completed for various reasons, tiles will have a NULL pointer. Which may be accessed in further processing and would cause a program crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. * CVE-2023-39352 Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values `rect->left` and `rect->top` are exactly equal to `surface->width` and `surface->height`. eg. `rect->left` == `surface->width` && `rect->top` == `surface->height`. In practice this should cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. * CVE-2023-39353 Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the `libfreerdp/codec/rfx.c` file there is no offset validation in `tile->quantIdxY`, `tile->quantIdxCb`, and `tile->quantIdxCr`. As a result crafted input can lead to an out of bounds read access which in turn will cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. * CVE-2023-39354 Affected versions are subject to an Out-Of-Bounds Read in the `nsc_rle_decompress_data` function. The Out-Of-Bounds Read occurs because it processes `context->Planes` without checking if it contains data of sufficient length. Should an attacker be able to leverage this vulnerability they may be able to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. * CVE-2023-39356 In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. * CVE-2023-40181 Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the `zgfx_decompress_segment` function. In the context of `CopyMemory`, it's possible to read data beyond the transmitted packet range and likely cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. * CVE-2023-40186 Affected versions are subject to an IntegerOverflow leading to Out-Of-Bound Write Vulnerability in the `gdi_CreateSurface` function. This issue affects FreeRDP based clients only. FreeRDP proxies are not affected as image decoding is not done by a proxy. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. * CVE-2023-40188 Affected versions are subject to an Out-Of-Bounds Read in the `general_LumaToYUV444` function. This Out-Of-Bounds Read occurs because processing is done on the `in` variable without checking if it contains data of sufficient length. Insufficient data for the `in` variable may cause errors or crashes. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. * CVE-2023-40567 Affected versions are subject to an Out-Of-Bounds Write in the `clear_decompress_bands_data` function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds write. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability. * CVE-2023-40569 Affected versions are subject to an Out-Of-Bounds Write in the `progressive_decompress` function. This issue is likely down to incorrect calculations of the `nXSrc` and `nYSrc` variables. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability. * CVE-2023-40589 In affected versions there is a Global-Buffer-Overflow in the ncrush_decompress function. Feeding crafted input into this function can trigger the overflow which has only been shown to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. Moderate Copyright 2024 Softline PJSC CVE-2023-39350 CVE-2023-39351 CVE-2023-39352 CVE-2023-39353 CVE-2023-39354 CVE-2023-39356 CVE-2023-40181 CVE-2023-40186 CVE-2023-40188 CVE-2023-40567 CVE-2023-40569 CVE-2023-40589 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication. * CVE-2024-22365 linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. Moderate Copyright 2024 Softline PJSC CVE-2024-22365 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. * CVE-2023-31122 Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. Moderate Copyright 2024 Softline PJSC CVE-2023-31122 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. * CVE-2023-51714 An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. * CVE-2024-25580 An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file. Moderate Copyright 2024 Softline PJSC CVE-2023-51714 CVE-2024-25580 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. * CVE-2022-36763 EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. * CVE-2022-36764 EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. * CVE-2023-3446 A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check(), DH_check_ex(), or EVP_PKEY_param_check() functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source may lead to a denial of service. * CVE-2023-45229 EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. * CVE-2023-45231 EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing  Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality. * CVE-2023-45232 EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability. * CVE-2023-45233 EDK2's Network Package is susceptible to an infinite lop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability. * CVE-2023-45235 EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability. Important Copyright 2024 Softline PJSC CVE-2022-36763 CVE-2022-36764 CVE-2023-3446 CVE-2023-45229 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45235 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. * CVE-2023-4692 An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved. * CVE-2023-4693 An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk. * CVE-2024-1048 A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not be removed and may fill the filesystem when invoked multiple times, resulting in a filesystem out of free inodes or blocks. Moderate Copyright 2024 Softline PJSC CVE-2023-4692 CVE-2023-4693 CVE-2024-1048 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. * CVE-2024-0690 An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values. Moderate Copyright 2024 Softline PJSC CVE-2024-0690 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. * CVE-2023-7008 A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records. Moderate Copyright 2024 Softline PJSC CVE-2023-7008 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2023-45287 Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels. Moderate Copyright 2024 Softline PJSC CVE-2023-45287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2023-39326 A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. * CVE-2023-45287 Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels. Moderate Copyright 2024 Softline PJSC CVE-2023-39326 CVE-2023-45287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Xwayland is an X server for running X clients under Wayland. * CVE-2023-5367 A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. * CVE-2023-6377 A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. * CVE-2023-6478 A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. * CVE-2023-6816 A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used. * CVE-2024-0229 An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. * CVE-2024-0408 A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. * CVE-2024-0409 A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. * CVE-2024-21885 A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments. * CVE-2024-21886 A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. Moderate Copyright 2024 Softline PJSC CVE-2023-5367 CVE-2023-6377 CVE-2023-6478 CVE-2023-6816 CVE-2024-0229 CVE-2024-0408 CVE-2024-0409 CVE-2024-21885 CVE-2024-21886 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. * CVE-2023-6917 A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation. Moderate Copyright 2024 Softline PJSC CVE-2023-6917 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and rollbacks. * CVE-2024-2905 A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access. Moderate Copyright 2024 Softline PJSC CVE-2024-2905 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. * CVE-2023-45290 When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. Moderate Copyright 2024 Softline PJSC CVE-2023-45290 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. * CVE-2023-5367 A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. * CVE-2023-5380 A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed. * CVE-2023-6377 A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. * CVE-2023-6478 A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. * CVE-2023-6816 A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used. * CVE-2024-0229 An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. * CVE-2024-0408 A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. * CVE-2024-0409 A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. * CVE-2024-21885 A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments. * CVE-2024-21886 A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. Moderate Copyright 2024 Softline PJSC CVE-2023-5367 CVE-2023-5380 CVE-2023-6377 CVE-2023-6478 CVE-2023-6816 CVE-2024-0229 CVE-2024-0408 CVE-2024-0409 CVE-2024-21885 CVE-2024-21886 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. * CVE-2022-30630 Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators. * CVE-2022-30631 Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files. * CVE-2022-30632 Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators. * CVE-2023-45287 Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels. Moderate Copyright 2024 Softline PJSC CVE-2022-30630 CVE-2022-30631 CVE-2022-30632 CVE-2023-45287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2023-39326 A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. * CVE-2023-45287 Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS#1 padding may leak timing information, which in turn could be used to recover session key bits. In Go 1.20, the crypto/tls library switched to a fully constant time RSA implementation, which we do not believe exhibits any timing side channels. Moderate Copyright 2024 Softline PJSC CVE-2023-39326 CVE-2023-45287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. * CVE-2023-45803 A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as POST to GET, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable. * CVE-2023-52323 PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack. * CVE-2024-22195 Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting (XSS). The Jinja `xmlattr` filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based. Moderate Copyright 2024 Softline PJSC CVE-2023-45803 CVE-2023-52323 CVE-2024-22195 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Network Block Device (NBD) is a protocol for accessing Block Devices (hard disks and disk-like devices) over a Network. The libnbd is a userspace client library for writing NBD clients. * CVE-2023-5215 A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly. * CVE-2023-5871 A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service. Moderate Copyright 2024 Softline PJSC CVE-2023-5215 CVE-2023-5871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. * CVE-2024-1481 A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2024-1481 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. * CVE-2023-3019 A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. * CVE-2023-3255 A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service. * CVE-2023-42467 QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately. * CVE-2023-5088 A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead (potentially overwriting the VM's boot code). This could be used, for example, by L2 guests with a virtual disk (vdiskL2) stored on a virtual disk of an L1 (vdiskL1) hypervisor to read and/or write data to LBA 0 of vdiskL1, potentially gaining control of L1 at its next reboot. * CVE-2023-6683 A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a malicious authenticated VNC client to crash QEMU and trigger a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2023-3019 CVE-2023-3255 CVE-2023-42467 CVE-2023-5088 CVE-2023-6683 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. * CVE-2023-39318 The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack. * CVE-2023-39319 The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack. * CVE-2023-39326 A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. Moderate Copyright 2024 Softline PJSC CVE-2023-39318 CVE-2023-39319 CVE-2023-39326 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2023-45290 When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. Moderate Copyright 2024 Softline PJSC CVE-2023-45290 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. * CVE-2023-4727 A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege. Important Copyright 2024 Softline PJSC CVE-2023-4727 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2023-45290 When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. * CVE-2024-28176 jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5. * CVE-2024-28180 Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3. Moderate Copyright 2024 Softline PJSC CVE-2023-45290 CVE-2024-28176 CVE-2024-28180 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. * CVE-2024-2961 An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of internal buffers, leading to a buffer overflow, which allows writing up to 3 bytes outside the desired memory location. This issue may allow an attacker to craft a malicious characters sequence that will trigger the out-of-bounds write and perform remote code execution, presenting a high impact to the Integrity, Confidentiality, and Availability triad. * CVE-2024-33599 A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity. * CVE-2024-33600 A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit. * CVE-2024-33601 A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure. * CVE-2024-33602 A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash. Important Copyright 2024 Softline PJSC CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. * CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability. Moderate Copyright 2024 Softline PJSC CVE-2024-28182 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. * CVE-2024-22195 Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting (XSS). The Jinja `xmlattr` filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based. Moderate Copyright 2024 Softline PJSC CVE-2024-22195 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_http2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. * CVE-2023-43622 An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. * CVE-2023-45802 When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. Moderate Copyright 2024 Softline PJSC CVE-2023-43622 CVE-2023-45802 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. * CVE-2024-2307 A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built. Moderate Copyright 2024 Softline PJSC CVE-2024-2307 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. * CVE-2023-5380 A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed. * CVE-2023-5574 A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free issue may be triggered during shutdown or reset of the Xvfb server, allowing for possible escalation of privileges or denial of service. Important Copyright 2024 Softline PJSC CVE-2023-5380 CVE-2023-5574 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. * CVE-2024-25126 Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability (ReDos 2nd degree polynomial). This vulnerability is patched in 3.0.9.1 and 2.2.8.1. * CVE-2024-26141 Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1. * CVE-2024-26146 Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations for this problem, so Rack applications using Ruby 3.2 or newer are unaffected. This vulnerability is fixed in 2.0.9.4, 2.1.4.4, 2.2.8.1, and 3.0.9.1. Moderate Copyright 2024 Softline PJSC CVE-2024-25126 CVE-2024-26141 CVE-2024-26146 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.107 and Runtime 8.0.7. * CVE-2024-30105 .NET Core and Visual Studio Denial of Service Vulnerability. * CVE-2024-35264 .NET and Visual Studio Remote Code Execution Vulnerability. * CVE-2024-38095 .NET and Visual Studio Denial of Service Vulnerability. Important Copyright 2024 Softline PJSC CVE-2024-30105 CVE-2024-35264 CVE-2024-38095 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2024-1313 A vulnerability was found in Grafana. Due to an error in authorization logic, it is possible for an unprivileged user in a different organization other than the snapshot owner to perform unauthorized actions such as deleting it using a view key. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Moderate Copyright 2024 Softline PJSC CVE-2024-1313 CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. * CVE-2023-45288 An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection. * CVE-2023-45289 When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. * CVE-2023-45290 When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. * CVE-2024-24784 The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers. * CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. Important Copyright 2024 Softline PJSC CVE-2023-45288 CVE-2023-45289 CVE-2023-45290 CVE-2024-1394 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. * CVE-2024-3596 RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. Important Copyright 2024 Softline PJSC CVE-2024-3596 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. * CVE-2024-24789 The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors. * CVE-2024-24790 The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. Moderate Copyright 2024 Softline PJSC CVE-2024-24789 CVE-2024-24790 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. * CVE-2024-6387 A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Important Copyright 2024 Softline PJSC CVE-2024-6387 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). * CVE-2024-2357 The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service. Moderate Copyright 2024 Softline PJSC CVE-2024-2357 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. * CVE-2024-2496 A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash. Moderate Copyright 2024 Softline PJSC CVE-2024-2496 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 grafana-pcp is an open source Grafana plugin for PCP. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Important Copyright 2024 Softline PJSC CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. * CVE-2024-30045 .NET and Visual Studio Remote Code Execution Vulnerability * CVE-2024-30046 Visual Studio Denial of Service Vulnerability Important Copyright 2024 Softline PJSC CVE-2024-30045 CVE-2024-30046 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. * CVE-2023-45288 An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection. * CVE-2023-45289 When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. * CVE-2023-45290 When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. Important Copyright 2024 Softline PJSC CVE-2023-45288 CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. * CVE-2024-3019 A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer. Important Copyright 2024 Softline PJSC CVE-2024-3019 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. * CVE-2024-31080 A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. * CVE-2024-31081 A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. * CVE-2024-31083 A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request. Important Copyright 2024 Softline PJSC CVE-2024-31080 CVE-2024-31081 CVE-2024-31083 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Security Fixes * CVE-2023-3758 A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. Bug Fixes * socket leak. * Passkey cannot fall back to password. * sssd: Race condition during authorization leads to GPO policies functioning inconsistently. Moderate Copyright 2024 Softline PJSC CVE-2023-3758 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. Important Copyright 2024 Softline PJSC CVE-2024-1394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: * CVE-2024-1753 A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. * CVE-2024-24786 The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. Bug Fixes: * liveness probe not called by podman when using httpGet. * Unable to copy image from one virtual machine to another using "podman image scp". * Backport two docker CLI compatibility fixes. * Issue in podman causing S2I to fail in overwriting ENTRYPOINT. * Need to backport podman fix for SIGSEGV in MSVSphere 9.3/8.9 for UBI based containers. Moderate Copyright 2024 Softline PJSC CVE-2024-1753 CVE-2024-24786 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. * CVE-2024-38476 Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Important Copyright 2024 Softline PJSC CVE-2024-38476 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2014-1745 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. * CVE-2023-32359 This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user's password may be read aloud by VoiceOver. * CVE-2023-39928 A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability. * CVE-2023-40414 A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution. * CVE-2023-41983 The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service. * CVE-2023-42852 A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution. * CVE-2023-42883 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service. * CVE-2023-42890 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution. * CVE-2024-23206 An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user. * CVE-2024-23213 The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution. Important Copyright 2024 Softline PJSC CVE-2014-1745 CVE-2023-32359 CVE-2023-39928 CVE-2023-40414 CVE-2023-41983 CVE-2023-42852 CVE-2023-42883 CVE-2023-42890 CVE-2024-23206 CVE-2024-23213 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. * CVE-2024-3044 Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted. Moderate Copyright 2024 Softline PJSC CVE-2024-3044 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. * CVE-2024-34750 Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. Important Copyright 2024 Softline PJSC CVE-2024-34750 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. * CVE-2024-5953 A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. * CVE-2024-6237 A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2024-5953 CVE-2024-6237 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. * CVE-2024-2398 When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application. Moderate Copyright 2024 Softline PJSC CVE-2024-2398 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. * CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. Important Copyright 2024 Softline PJSC CVE-2024-6345 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Setuptools is a collection of enhancements to the Python 3 distutils that allow you to more easily build and distribute Python 3 packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software that requires pkg_resources. * CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. Important Copyright 2024 Softline PJSC CVE-2024-6345 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Setuptools is a collection of enhancements to the Python 3 distutils that allow you to more easily build and distribute Python 3 packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software that requires pkg_resources. * CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. Important Copyright 2024 Softline PJSC CVE-2024-6345 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. * CVE-2024-1737 Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. * CVE-2024-1975 If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. * CVE-2024-4076 A flaw was found in the bind9 package, where a client query triggers stale data and also requires local lookups may trigger a assertion failure. This issue results in a denial of service of the bind server. Important Copyright 2024 Softline PJSC CVE-2024-1737 CVE-2024-1975 CVE-2024-4076 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.108 and .NET Runtime 8.0.8. * CVE-2024-38167 A flaw was found in the .NET platform. This issue may lead to the disclosure of sensitive information via TlsStream. Moderate Copyright 2024 Softline PJSC CVE-2024-38167 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Chromium is an open-source web browser, powered by WebKit (Blink) * CVE-2024-7969 Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8193 Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8194 Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8198 Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Important Copyright 2024 Softline PJSC CVE-2024-7969 CVE-2024-8193 CVE-2024-8194 CVE-2024-8198 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Chromium GOST is an open-source web browser what supported GOST TLS if proprietary CryptoPro is installed * CVE-2024-8198 Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8194 Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8193 Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-7969 Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Important Copyright 2024 Softline PJSC CVE-2024-7969 CVE-2024-8193 CVE-2024-8194 CVE-2024-8198 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2024-22020 A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports. Exploiting this flaw can violate network import security, posing a risk to developers and servers. * CVE-2024-28863 A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack. Moderate Copyright 2024 Softline PJSC CVE-2024-22020 CVE-2024-28863 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. Important Copyright 2024 Softline PJSC CVE-2024-7348 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. * CVE-2024-6923 There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. Moderate Copyright 2024 Softline PJSC CVE-2024-6923 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-7518 Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. * CVE-2024-7519 Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7520 A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. * CVE-2024-7521 Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7522 Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7525 It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7526 ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7527 Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7528 Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. * CVE-2024-7529 The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. Important Copyright 2024 Softline PJSC CVE-2024-7518 CVE-2024-7519 CVE-2024-7520 CVE-2024-7521 CVE-2024-7522 CVE-2024-7525 CVE-2024-7526 CVE-2024-7527 CVE-2024-7528 CVE-2024-7529 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. Moderate Copyright 2024 Softline PJSC CVE-2024-24783 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. * CVE-2024-37298 gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue. * CVE-2024-6104 go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. Important Copyright 2024 Softline PJSC CVE-2024-24783 CVE-2024-37298 CVE-2024-6104 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. Moderate Copyright 2024 Softline PJSC CVE-2024-24783 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. Moderate Copyright 2024 Softline PJSC CVE-2024-24783 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. Moderate Copyright 2024 Softline PJSC CVE-2024-24783 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. * CVE-2024-24783 Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. Moderate Copyright 2024 Softline PJSC CVE-2024-24783 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-6923 There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. Moderate Copyright 2024 Softline PJSC CVE-2024-6923 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic operations. * CVE-2024-40897 Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments. Moderate Copyright 2024 Softline PJSC CVE-2024-40897 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-6923 There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. Moderate Copyright 2024 Softline PJSC CVE-2024-6923 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). * CVE-2024-37370 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. * CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. Moderate Copyright 2024 Softline PJSC CVE-2024-37370 CVE-2024-37371 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. * CVE-2024-37891 A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects. Moderate Copyright 2024 Softline PJSC CVE-2024-37891 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-7518 Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. * CVE-2024-7519 Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7520 A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. * CVE-2024-7521 Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7522 Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. * CVE-2024-7525 It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7526 ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7527 Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. * CVE-2024-7528 Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. * CVE-2024-7529 The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. Important Copyright 2024 Softline PJSC CVE-2024-7518 CVE-2024-7519 CVE-2024-7520 CVE-2024-7521 CVE-2024-7522 CVE-2024-7524 CVE-2024-7525 CVE-2024-7526 CVE-2024-7527 CVE-2024-7528 CVE-2024-7529 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Chromium is an open-source web browser, powered by WebKit (Blink) * CVE-2024-8362 Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-7970 Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Important Copyright 2024 Softline PJSC CVE-2024-7970 CVE-2024-8362 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Chromium is an open-source web browser, powered by WebKit (Blink) * CVE-2024-8636 Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8637 Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8638 Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8639 Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Important Copyright 2024 Softline PJSC CVE-2024-8636 CVE-2024-8637 CVE-2024-8638 CVE-2024-8639 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2024-22025 A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory, potentially leading to process termination, depending on the system configuration. * CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. * CVE-2024-27982 The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first. * CVE-2024-27983 An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. * CVE-2024-28182 The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability. Important Copyright 2024 Softline PJSC CVE-2024-22025 CVE-2024-25629 CVE-2024-27982 CVE-2024-27983 CVE-2024-28182 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. * CVE-2024-23184 A flaw was found in Dovecot. Processing a large number of address headers (From, To, Cc, Bcc, etc) can be excessively CPU intensive. This flaw allows a remote attacker to trigger a denial of service. * CVE-2024-23185 A security issue was found in Dovecot. Very large headers can lead to resource exhaustion when parsing messages. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to the message-header-parser, it starts building up a "full_value" buffer out of the smaller chunks. The full_value buffer has no size limit so large headers can cause large memory usage. This issue occurs whether it is a single long header line or a single header split into multiple lines. Moderate Copyright 2024 Softline PJSC CVE-2024-23184 CVE-2024-23185 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2024-4317 A flaw was found in PostgreSQL. Missing authorization in the built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. * CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. Important Copyright 2024 Softline PJSC CVE-2024-4317 CVE-2024-7348 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2024-4317 A flaw was found in PostgreSQL. Missing authorization in the built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. * CVE-2024-7348 Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected. Important Copyright 2024 Softline PJSC CVE-2024-4317 CVE-2024-7348 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2024-27280 A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2. * CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. (When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.) The main fixed version is 6.6.3.1. For Ruby 3.0 users, a fixed version is rdoc 6.3.4.1. For Ruby 3.1 users, a fixed version is rdoc 6.4.1.1. For Ruby 3.2 users, a fixed version is rdoc 6.5.1.1. * CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1. Moderate Copyright 2024 Softline PJSC CVE-2024-27280 CVE-2024-27281 CVE-2024-27282 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2024-27280 A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2. * CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. (When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.) The main fixed version is 6.6.3.1. For Ruby 3.0 users, a fixed version is rdoc 6.3.4.1. For Ruby 3.1 users, a fixed version is rdoc 6.4.1.1. For Ruby 3.2 users, a fixed version is rdoc 6.5.1.1. * CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1. Moderate Copyright 2024 Softline PJSC CVE-2024-27280 CVE-2024-27281 CVE-2024-27282 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2024-22018 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. * CVE-2024-22020 A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports. Exploiting this flaw can violate network import security, posing a risk to developers and servers. * CVE-2024-36137 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner and permissions of a file. Moderate Copyright 2024 Softline PJSC CVE-2024-22018 CVE-2024-22020 CVE-2024-36137 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2024-22025 A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory, potentially leading to process termination, depending on the system configuration. * CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. * CVE-2024-27982 The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first. * CVE-2024-27983 An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. * CVE-2024-28182 The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability. Important Copyright 2024 Softline PJSC CVE-2024-22025 CVE-2024-25629 CVE-2024-27982 CVE-2024-27983 CVE-2024-28182 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-7652 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. * CVE-2024-8381 The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. * CVE-2024-8382 The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. * CVE-2024-8384 The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. * CVE-2024-8385 The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. * CVE-2024-8386 The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. * CVE-2024-8387 The Mozilla Foundation's Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code. * CVE-2024-8394 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. Important Copyright 2024 Softline PJSC CVE-2024-7652 CVE-2024-8381 CVE-2024-8382 CVE-2024-8384 CVE-2024-8385 CVE-2024-8386 CVE-2024-8387 CVE-2024-8394 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. * CVE-2024-6345 A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. Important Copyright 2024 Softline PJSC CVE-2024-6345 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-7652 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. * CVE-2024-8381 The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. * CVE-2024-8382 The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had been used, such as when a user opened the Dev Tools console. * CVE-2024-8383 The Mozilla Foundation's Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. * CVE-2024-8384 The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. * CVE-2024-8385 The Mozilla Foundation's Security Advisory: A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. * CVE-2024-8386 The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. * CVE-2024-8387 The Mozilla Foundation's Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort, some of these could have been exploited to run arbitrary code. Important Copyright 2024 Softline PJSC CVE-2024-7652 CVE-2024-8381 CVE-2024-8382 CVE-2024-8383 CVE-2024-8384 CVE-2024-8385 CVE-2024-8386 CVE-2024-8387 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Chromium is an open-source web browser, powered by WebKit (Blink) * CVE-2024-8904 Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-8905 Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-8906 Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-8907 Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium) * CVE-2024-8908 Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) * CVE-2024-8909 Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Important Copyright 2024 Softline PJSC CVE-2024-8904 CVE-2024-8905 CVE-2024-8906 CVE-2024-8907 CVE-2024-8908 CVE-2024-8909 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. * CVE-2024-6119 A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Moderate Copyright 2024 Softline PJSC CVE-2024-6119 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2024-39908 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. * CVE-2024-41123 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `>]` and `]>`. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities. * CVE-2024-41946 A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file. * CVE-2024-43398 A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected. Moderate Copyright 2024 Softline PJSC CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. * CVE-2024-45769 A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. * CVE-2024-45770 A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges. Important Copyright 2024 Softline PJSC CVE-2024-45769 CVE-2024-45770 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Network Block Device (NBD) is a protocol for accessing Block Devices (hard disks and disk-like devices) over a Network. The libnbd is a userspace client library for writing NBD clients. * CVE-2024-7383 A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic. Moderate Copyright 2024 Softline PJSC CVE-2024-7383 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The cups-filters package contains back ends, filters, and other software that was once part of the core Common UNIX Printing System (CUPS) distribution but is now maintained independently. * CVE-2024-47076 CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system. * CVE-2024-47175 CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176. * CVE-2024-47176 CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. Due to the service binding to `*:631 ( INADDR_ANY )`, multiple bugs in `cups-browsed` can be exploited in sequence to introduce a malicious printer to the system. This chain of exploits ultimately enables an attacker to execute arbitrary commands remotely on the target machine without authentication when a print job is started. This poses a significant security risk over the network. Notably, this vulnerability is particularly concerning as it can be exploited from the public internet, potentially exposing a vast number of systems to remote attacks if their CUPS services are enabled. Important Copyright 2024 Softline PJSC CVE-2024-47076 CVE-2024-47175 CVE-2024-47176 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-9392 A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9393 An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9394 An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9396 It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9397 A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9398 By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9399 A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9400 A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9401 Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9402 Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9403 Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131 and Thunderbird < 131. Important Copyright 2024 Softline PJSC CVE-2024-9392 CVE-2024-9393 CVE-2024-9394 CVE-2024-9396 CVE-2024-9397 CVE-2024-9398 CVE-2024-9399 CVE-2024-9400 CVE-2024-9401 CVE-2024-9402 CVE-2024-9403 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. * CVE-2024-9355 A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack. Moderate Copyright 2024 Softline PJSC CVE-2024-9355 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. * CVE-2023-20584 IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity. * CVE-2023-31356 Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity. Moderate Copyright 2024 Softline PJSC CVE-2023-20584 CVE-2023-31356 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-9392 A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9393 An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9394 An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9401 Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. * CVE-2024-9402 Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. Important Copyright 2024 Softline PJSC CVE-2024-9392 CVE-2024-9393 CVE-2024-9394 CVE-2024-9401 CVE-2024-9402 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. * CVE-2022-24805 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. * CVE-2022-24806 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. * CVE-2022-24807 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. * CVE-2022-24808 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. * CVE-2022-24809 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. * CVE-2022-24810 net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. Moderate Copyright 2024 Softline PJSC CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809 CVE-2022-24810 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2024 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2024-34155 A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. * CVE-2024-34158 A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. * CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. Important Copyright 2024 Softline PJSC CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 CVE-2024-9341 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-9680 An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. Important Copyright 2024 Softline PJSC CVE-2024-9680 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-34155 A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. * CVE-2024-34158 A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. * CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. Important Copyright 2024 Softline PJSC CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 CVE-2024-9341 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2024 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2024 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-9680 An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. Important Copyright 2024 Softline PJSC CVE-2024-9680 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenIPMI packages provide command-line tools and utilities to access platform information using Intelligent Platform Management Interface (IPMI). System administrators can use OpenIPMI to manage systems and to perform system health monitoring. * CVE-2024-42934 OpenIPMI before 2.0.36 has an out-of-bounds array access (for authentication type) in the ipmi_sim simulator, resulting in denial of service or (with very low probability) authentication bypass or code execution. Moderate Copyright 2024 Softline PJSC CVE-2024-42934 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Chromium is an open-source web browser, powered by WebKit (Blink) * CVE-2024-9954 Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2024-9956 Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9955 Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9957 Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9958 Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9959 Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) * CVE-2024-9960 Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9961 Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9962 Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9963 Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) * CVE-2024-9964 Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) Important Copyright 2024 Softline PJSC CVE-2024-9954 CVE-2024-9955 CVE-2024-9956 CVE-2024-9957 CVE-2024-9958 CVE-2024-9959 CVE-2024-9960 CVE-2024-9961 CVE-2024-9962 CVE-2024-9963 CVE-2024-9964 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. Security update: * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. Bug Fixes: * Rebase to 1.21.10. * Re-enable CGO for cmd/go [rhel-9.4.z]. Moderate Copyright 2024 Softline PJSC CVE-2024-24788 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. * CVE-2023-48161 Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c * CVE-2024-21208 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). * CVE-2024-21210 Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21217 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21235 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Moderate Copyright 2024 Softline PJSC CVE-2023-48161 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. * CVE-2023-48161 Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c * CVE-2024-21208 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). * CVE-2024-21210 Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21217 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21235 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Moderate Copyright 2024 Softline PJSC CVE-2023-48161 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. * CVE-2023-48161 Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c * CVE-2024-21208 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). * CVE-2024-21210 Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21217 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21235 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Moderate Copyright 2024 Softline PJSC CVE-2023-48161 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The LibTIFF packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. * CVE-2024-7006 A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2024-7006 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. * CVE-2024-6119 A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Moderate Copyright 2024 Softline PJSC CVE-2024-6119 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Moderate Copyright 2024 Softline PJSC CVE-2024-6232 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. * CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Moderate Copyright 2024 Softline PJSC CVE-2024-6232 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2024-23271 A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior. * CVE-2024-27820 The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. * CVE-2024-27838 The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user. * CVE-2024-27851 The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. * CVE-2024-40776 A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-40779 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-40780 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-40782 A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-40789 An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-40866 The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing. * CVE-2024-44187 A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. Important Copyright 2024 Softline PJSC CVE-2024-23271 CVE-2024-27820 CVE-2024-27838 CVE-2024-27851 CVE-2024-40776 CVE-2024-40779 CVE-2024-40780 CVE-2024-40782 CVE-2024-40789 CVE-2024-40866 CVE-2024-44187 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Moderate Copyright 2024 Softline PJSC CVE-2024-6232 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2024-47875 DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3. * CVE-2024-9355 A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack. Important Copyright 2024 Softline PJSC CVE-2024-47875 CVE-2024-9355 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-9675 A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. Important Copyright 2024 Softline PJSC CVE-2024-9675 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. * CVE-2023-31315 Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. Important Copyright 2024 Softline PJSC CVE-2023-31315 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This package containes the binaries for OpenEXR. * CVE-2023-5841 Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library. Important Copyright 2024 Softline PJSC CVE-2023-5841 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. * CVE-2023-6129 A flaw was found in in the POLY1305 MAC (message authentication code) implementation in OpenSSL, affecting applications running on PowerPC CPU-based platforms that utilize vector instructions, and has the potential to corrupt the internal state of these applications. If an attacker can manipulate the utilization of the POLY1305 MAC algorithm, it may lead to the corruption of the application state, resulting in various application-dependent consequences, often resulting in a crash and leading to a denial of service. * CVE-2023-6237 A flaw was found in OpenSSL. When the EVP_PKEY_public_check() function is called in RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large prime, this computation takes a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. * CVE-2024-0727 A flaw was found in OpenSSL. The optional ContentInfo fields can be set to null, even if the "type" is a valid value, which can lead to a null dereference error that may cause a denial of service. * CVE-2024-1298 EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability. Moderate Copyright 2024 Softline PJSC CVE-2023-6129 CVE-2023-6237 CVE-2024-0727 CVE-2024-1298 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 This package contains software for integrating the libreswan VPN software with NetworkManager and the GNOME desktop. * CVE-2024-9050 A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration. Important Copyright 2024 Softline PJSC CVE-2024-9050 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2024-40866 The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing. * CVE-2024-44185 A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to the program crashing. Code execution is not discarded as a consequence * CVE-2024-44187 A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. * CVE-2024-44244 A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to program to a crash. This issue occurs because code execution is not discarded as consequence. * CVE-2024-44296 A flaw was found in WebKitGTK. Processing maliciously crafted web content may prevent the Content Security Policy from being enforced. This issue leads to items that were banned from running to be executed. Important Copyright 2024 Softline PJSC CVE-2024-40866 CVE-2024-44185 CVE-2024-44187 CVE-2024-44244 CVE-2024-44296 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython. * CVE-2024-36039 PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict. Moderate Copyright 2024 Softline PJSC CVE-2024-36039 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The postfix packages provide a Mail Transport Agent (MTA), which supports protocols like LDAP, SMTP AUTH (SASL), and TLS. * CVE-2023-51764 Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9. Moderate Copyright 2024 Softline PJSC CVE-2023-51764 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython. * CVE-2024-36039 PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict. Moderate Copyright 2024 Softline PJSC CVE-2024-36039 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. * CVE-2024-6501 A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service. Low Copyright 2024 Softline PJSC CVE-2024-6501 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-0450 A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed. * CVE-2024-8088 There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. Moderate Copyright 2024 Softline PJSC CVE-2024-0450 CVE-2024-8088 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. * CVE-2023-38709 Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. * CVE-2024-24795 HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue. Moderate Copyright 2024 Softline PJSC CVE-2023-38709 CVE-2024-24795 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2024-34155 A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. * CVE-2024-34158 A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. * CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. * CVE-2024-9407 A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files. * CVE-2024-9675 A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. * CVE-2024-9676 A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. Important Copyright 2024 Softline PJSC CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 CVE-2024-9341 CVE-2024-9407 CVE-2024-9675 CVE-2024-9676 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. * CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Moderate Copyright 2024 Softline PJSC CVE-2024-6232 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2024 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). * CVE-2024-3596 RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. Important Copyright 2024 Softline PJSC CVE-2024-3596 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. * CVE-2024-47875 DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3. Important Copyright 2024 Softline PJSC CVE-2024-34156 CVE-2024-47875 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. * CVE-2024-37891 A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects. Moderate Copyright 2024 Softline PJSC CVE-2024-37891 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts (Red Hat), and pcmcia configuration files. * CVE-2023-27349 BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19908. * CVE-2023-44431 BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19909. * CVE-2023-45866 Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. * CVE-2023-50229 BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20936. * CVE-2023-50230 BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938. * CVE-2023-51580 BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20852. * CVE-2023-51589 BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20853. * CVE-2023-51592 BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20854. * CVE-2023-51594 BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of OBEX protocol parameters. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20937. * CVE-2023-51596 BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20939. Moderate Copyright 2024 Softline PJSC CVE-2023-27349 CVE-2023-44431 CVE-2023-45866 CVE-2023-50229 CVE-2023-50230 CVE-2023-51580 CVE-2023-51589 CVE-2023-51592 CVE-2023-51594 CVE-2023-51596 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. * CVE-2024-2236 A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. Moderate Copyright 2024 Softline PJSC CVE-2024-2236 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Moderate Copyright 2024 Softline PJSC CVE-2024-6232 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. * CVE-2024-25081 Splinefont in FontForge through 20230101 allows command injection via crafted filenames. * CVE-2024-25082 Splinefont in FontForge through 20230101 allows command injection via crafted archives or compressed files. Moderate Copyright 2024 Softline PJSC CVE-2024-25081 CVE-2024-25082 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. * CVE-2024-47175 CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, can result in user controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176. Low Copyright 2024 Softline PJSC CVE-2024-47175 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNU nano is a small and friendly text editor. * CVE-2024-5742 A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink. Low Copyright 2024 Softline PJSC CVE-2024-5742 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. Moderate Copyright 2024 Softline PJSC CVE-2024-6232 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The microcode_ctl packages provide microcode updates for Intel and AMD processors. * CVE-2023-22655 Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2023-28746 A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system. * CVE-2023-38575 Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. * CVE-2023-39368 Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network access. * CVE-2023-43490 Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access. * CVE-2023-45733 Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. * CVE-2023-46103 Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. Moderate Copyright 2024 Softline PJSC CVE-2023-22655 CVE-2023-28746 CVE-2023-38575 CVE-2023-39368 CVE-2023-43490 CVE-2023-45733 CVE-2023-46103 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-34155 A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. * CVE-2024-34158 A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. * CVE-2024-9341 A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. * CVE-2024-9407 A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files. * CVE-2024-9675 A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. * CVE-2024-9676 A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. Important Copyright 2024 Softline PJSC CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 CVE-2024-9341 CVE-2024-9407 CVE-2024-9675 CVE-2024-9676 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. Moderate Copyright 2024 Softline PJSC CVE-2024-24788 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-jwcrypto package provides Python implementations of the JSON Web Key (JWK), JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Token (JWT) JOSE (JSON Object Signing and Encryption) standards. * CVE-2023-6681 A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack. Moderate Copyright 2024 Softline PJSC CVE-2023-6681 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module (TPM) 2.0 devices from user space. * CVE-2024-29038 tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7. * CVE-2024-29039 tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7. Low Copyright 2024 Softline PJSC CVE-2024-29038 CVE-2024-29039 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the "python3.12-" prefix. * CVE-2024-0450 A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed. * CVE-2024-4032 The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior. * CVE-2024-8088 There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. Moderate Copyright 2024 Softline PJSC CVE-2024-0450 CVE-2024-4032 CVE-2024-8088 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. * CVE-2024-26327 An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. * CVE-2024-3446 A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host. * CVE-2024-7409 A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. Moderate Copyright 2024 Softline PJSC CVE-2024-26327 CVE-2024-3446 CVE-2024-7409 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing capabilities: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints. The BPFtrace language is inspired by awk and C, and predecessor tracers such as DTrace and SystemTap * CVE-2024-2313 If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default. Low Copyright 2024 Softline PJSC CVE-2024-2313 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2023-42843 An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing. * CVE-2023-42950 A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution. * CVE-2023-42956 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. * CVE-2024-4558 Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Important Copyright 2024 Softline PJSC CVE-2023-42843 CVE-2023-42950 CVE-2023-42956 CVE-2024-4558 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices. * CVE-2020-27827 A flaw was found in multiple versions of Open vSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. * CVE-2021-43612 An out-of-bounds read vulnerability is present in lldpd. An attacker on the same network as the vulnerable system may use this vulnerability to leak memory data from the application or crash it by sending shorter SONMP packets than what is expected. * CVE-2023-41910 A flaw was found in lldpd due to an out-of-bounds read in cdp_decode at daemon/protocols/cdp.c. By sending a specially crafted CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a remote attacker could cause a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2020-27827 CVE-2021-43612 CVE-2023-41910 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-42283 Linux Kernel is vulnerable to a denial of service, caused by a missing initialization by the nla_put_nh_group() function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-46824 In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cache_invalidate_user ops. * CVE-2024-46858 In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in __timer_delete_sync. Moderate Copyright 2024 Softline PJSC CVE-2024-42283 CVE-2024-46824 CVE-2024-46858 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. * CVE-2024-3727 A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Moderate Copyright 2024 Softline PJSC CVE-2024-24791 CVE-2024-3727 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNOME Shell acts as a compositing manager for the desktop, and displays both application windows and other objects. It provides core interface functions like switching windows, launching applications, and notifications. It takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts. * CVE-2024-36472 In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior. Moderate Copyright 2024 Softline PJSC CVE-2024-36472 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. * CVE-2024-3727 A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. * CVE-2024-6104 go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. Moderate Copyright 2024 Softline PJSC CVE-2024-24788 CVE-2024-24791 CVE-2024-3727 CVE-2024-6104 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. * CVE-2024-31080 A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. * CVE-2024-31081 A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. * CVE-2024-31083 A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request. Moderate Copyright 2024 Softline PJSC CVE-2024-31080 CVE-2024-31081 CVE-2024-31083 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-8088 There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. Moderate Copyright 2024 Softline PJSC CVE-2024-8088 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2024 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-dns package contains the dnslib module that implements a DNS client and additional modules that define certain symbolic constants used by DNS, such as dnstype, dnsclass and dnsopcode. * CVE-2023-29483 eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. Moderate Copyright 2024 Softline PJSC CVE-2023-29483 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: • Thread safety. • Connection pooling. • Client-side SSL/TLS verification. • File uploads with multipart encoding. • Helpers for retrying requests and dealing with HTTP redirects. • Support for gzip, deflate, brotli, and zstd encoding. • Proxy support for HTTP and SOCKS. • 100% test coverage. * CVE-2024-37891 A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects. Moderate Copyright 2024 Softline PJSC CVE-2024-37891 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Vim (Vi IMproved) is an updated and improved version of the vi editor. * CVE-2021-3903 vim is vulnerable to Heap-based Buffer Overflow Low Copyright 2024 Softline PJSC CVE-2021-3903 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. * CVE-2024-42472 A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files outside the designated sandbox. As a result, the attacker could potentially manipulate the file system, leading to unauthorized actions that compromise the security and integrity of the system. Important Copyright 2024 Softline PJSC CVE-2024-42472 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. * CVE-2024-34397 An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact. Moderate Copyright 2024 Softline PJSC CVE-2024-34397 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. * CVE-2024-2511 Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. * CVE-2024-4603 Checking excessively long DSA keys or parameters may be very slow. Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. * CVE-2024-4741 A use-after-free vulnerability was found in OpenSSL. Calling the OpenSSL API SSL_free_buffers function may cause memory to be accessed that was previously freed in some situations. * CVE-2024-5535 A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN. Low Copyright 2024 Softline PJSC CVE-2024-2511 CVE-2024-4603 CVE-2024-4741 CVE-2024-5535 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). * CVE-2024-26458 Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. * CVE-2024-26461 Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. * CVE-2024-26462 Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. Moderate Copyright 2024 Softline PJSC CVE-2024-26458 CVE-2024-26461 CVE-2024-26462 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. * CVE-2024-6126 A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack. Low Copyright 2024 Softline PJSC CVE-2024-6126 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news. * CVE-2024-30203 In Emacs before 29.3, Gnus treats inline MIME contents as trusted. * CVE-2024-30204 A flaw was found in Emacs. When Emacs is used as an email client, a preview of a crafted LaTeX document attached to an email can exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results in a denial of service. * CVE-2024-30205 In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23. Moderate Copyright 2024 Softline PJSC CVE-2024-30203 CVE-2024-30204 CVE-2024-30205 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. * CVE-2024-34055 Cyrus IMAP before 3.8.3 and 3.10.x before 3.10.0-rc1 allows authenticated attackers to cause unbounded memory allocation by sending many LITERALs in a single command. Moderate Copyright 2024 Softline PJSC CVE-2024-34055 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. Moderate Copyright 2024 Softline PJSC CVE-2024-24788 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. * CVE-2024-24814 A flaw was found in mod_auth_openidc, an OpenID Certified™ authentication and authorization module for the Apache HTTP server. Missing input validation in the mod_auth_openidc_session_chunks cookie value can make the server vulnerable to a denial of service attack. This issue may allow a remote attacker to craft a request that causes the application or system to slow down or crash due to unhandled errors. Moderate Copyright 2024 Softline PJSC CVE-2024-24814 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. * CVE-2024-6239 A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2024-6239 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss. * CVE-2023-7250 A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service. * CVE-2024-26306 iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. Moderate Copyright 2024 Softline PJSC CVE-2023-7250 CVE-2024-26306 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Jose is a C-language implementation of the Javascript Object Signing and Encryption standards. The jose package is a dependency of the clevis and tang packages, together providing Network Bound Disk Encryption (NBDE) in Red Hat Enterprise Linux. * CVE-2023-50967 latchset jose through version 11 allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. * CVE-2024-28176 jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5. Moderate Copyright 2024 Softline PJSC CVE-2023-50967 CVE-2024-28176 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 BPF Compiler Collection (BCC) is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter (eBPF) tool. * CVE-2024-2314 If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default. Low Copyright 2024 Softline PJSC CVE-2024-2314 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The GTK+ library provides a multi-platform toolkit for creating graphical user interfaces. The gtk3 packages contain GTK+ version 3. * CVE-2024-6655 A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory. Moderate Copyright 2024 Softline PJSC CVE-2024-6655 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. * CVE-2024-34064 Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4. Moderate Copyright 2024 Softline PJSC CVE-2024-34064 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. * CVE-2024-24789 The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors. * CVE-2024-24790 The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. * CVE-2024-6104 go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. Moderate Copyright 2024 Softline PJSC CVE-2024-24788 CVE-2024-24789 CVE-2024-24790 CVE-2024-24791 CVE-2024-6104 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. * CVE-2024-8235 A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon. Moderate Copyright 2024 Softline PJSC CVE-2024-8235 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. * CVE-2023-45290 When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. * CVE-2024-24785 If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. Moderate Copyright 2024 Softline PJSC CVE-2023-45290 CVE-2024-24785 CVE-2024-24788 CVE-2024-24791 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2022-4122 A vulnerability was found in buildah and podman. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure. * CVE-2024-24789 The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. * CVE-2024-3727 A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Moderate Copyright 2024 Softline PJSC CVE-2022-4122 CVE-2024-24789 CVE-2024-24791 CVE-2024-3727 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Xwayland is an X server for running X clients under Wayland. * CVE-2024-31080 A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. * CVE-2024-31081 A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. * CVE-2024-31083 A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request. Moderate Copyright 2024 Softline PJSC CVE-2024-31080 CVE-2024-31081 CVE-2024-31083 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. Moderate Copyright 2024 Softline PJSC CVE-2024-24788 CVE-2024-24791 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. * CVE-2024-22211 FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability. * CVE-2024-32039 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default). * CVE-2024-32040 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`). * CVE-2024-32041 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead. * CVE-2024-32458 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support). * CVE-2024-32459 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available. * CVE-2024-32460 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support. * CVE-2024-32658 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available. * CVE-2024-32659 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available. * CVE-2024-32660 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available. * CVE-2024-32661 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available. * CVE-2024-32662 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate. Version 3.5.1 contains a patch for the issue. No known workarounds are available. Moderate Copyright 2024 Softline PJSC CVE-2024-22211 CVE-2024-32039 CVE-2024-32040 CVE-2024-32041 CVE-2024-32458 CVE-2024-32459 CVE-2024-32460 CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661 CVE-2024-32662 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-10458 A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10459 An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10460 The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10461 In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10462 Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10463 Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10464 Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10465 A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10466 By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10467 Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-9680 An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. Important Copyright 2024 Softline PJSC CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 CVE-2024-10466 CVE-2024-10467 CVE-2024-9680 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-10458 A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10459 An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10460 The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10461 In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10462 Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10463 Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10464 Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10465 A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10466 By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10467 Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-9680 An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. Important Copyright 2024 Softline PJSC CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 CVE-2024-10466 CVE-2024-10467 CVE-2024-9680 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. * CVE-2024-45769 A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. * CVE-2024-45770 A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges. Moderate Copyright 2024 Softline PJSC CVE-2024-45769 CVE-2024-45770 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. * CVE-2024-5197 A flaw was found in libvpx. When creating images, libvpx trusts the width, height, and alignment of the user input. However, it does not properly validate the provided values. This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of values are invalid, leading to integer overflows during memory allocation procedures. A successful full attack leads to the targeted application crashing, resulting in a denial of service or memory corruption, which results in data integrity issues. Moderate Copyright 2024 Softline PJSC CVE-2024-5197 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. * CVE-2024-45802 A flaw was found in Squid. Due to input validation and resource management issues, a denial of service may be triggered during the processing of certain Edge Side Includes (ESI) response content. Important Copyright 2024 Softline PJSC CVE-2024-45802 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libsoup packages provide an HTTP client and server library for GNOME. * CVE-2024-52530 GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. * CVE-2024-52532 GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients. Important Copyright 2024 Softline PJSC CVE-2024-52530 CVE-2024-52532 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This package containes the binaries for OpenEXR. * CVE-2023-5841 Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library. Important Copyright 2024 Softline PJSC CVE-2023-5841 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Expat is a C library for parsing XML documents. * CVE-2024-50602 An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Moderate Copyright 2024 Softline PJSC CVE-2024-50602 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.100 and .NET Runtime 9.0.1.0. * CVE-2024-43498 A type confusion vulnerability was found in .NET 9.0 Core in .NET that leads to AV in the .NET Core NrbfDecoder component. * CVE-2024-43499 A vulnerability was found in .NET. Specifically .NET 9.0 Core - DoS - (unbounded work factor) in NrbfDecoder component. Important Copyright 2024 Softline PJSC CVE-2024-43498 CVE-2024-43499 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2024-9407 A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files. * CVE-2024-9675 A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. * CVE-2024-9676 A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. Important Copyright 2024 Softline PJSC CVE-2024-9407 CVE-2024-9675 CVE-2024-9676 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-10458 A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10459 An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10460 The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10461 In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10462 Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10463 Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10464 Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10465 A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10466 By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10467 Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Moderate Copyright 2024 Softline PJSC CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 CVE-2024-10466 CVE-2024-10467 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-10458 A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10459 An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10460 The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10461 In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10462 Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10463 Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10464 Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10465 A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10466 By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. * CVE-2024-10467 Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. Moderate Copyright 2024 Softline PJSC CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 CVE-2024-10466 CVE-2024-10467 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. * CVE-2024-36387 Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance. Low Copyright 2024 Softline PJSC CVE-2024-36387 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.110 and .NET Runtime 8.0.10. * CVE-2024-38229 A flaw was found in dotnet. When closing an HTTP/3 stream while application code is writing to the response body, a race condition can cause a use-after-free. * CVE-2024-43483 A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service. * CVE-2024-43484 A flaw was found in dotnet. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, resulting in a denial of service. * CVE-2024-43485 A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an [ExtensionData] property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service. Important Copyright 2024 Softline PJSC CVE-2024-38229 CVE-2024-43483 CVE-2024-43484 CVE-2024-43485 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35. * CVE-2024-43483 A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service. * CVE-2024-43484 A flaw was found in dotnet. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, resulting in a denial of service. * CVE-2024-43485 A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an [ExtensionData] property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service. Important Copyright 2024 Softline PJSC CVE-2024-43483 CVE-2024-43484 CVE-2024-43485 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_jk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Security fix: * CVE-2024-46544 Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected. Users are recommended to upgrade to version 1.2.50, which fixes the issue. Bug Fix: * Rebase to upstream 1.2.50 release. Moderate Copyright 2024 Softline PJSC CVE-2024-46544 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2024 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2024 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news. * CVE-2024-39331 A flaw was found in Emacs. Arbitrary shell commands can be executed without prompting when an Org mode file is opened or when the Org mode is enabled, when Emacs is used as an email client, this issue can be triggered when previewing email attachments. Moderate Copyright 2024 Softline PJSC CVE-2024-39331 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. * CVE-2024-42472 A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files outside the designated sandbox. As a result, the attacker could potentially manipulate the file system, leading to unauthorized actions that compromise the security and integrity of the system. Important Copyright 2024 Softline PJSC CVE-2024-42472 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. * CVE-2024-29510 Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. * CVE-2024-33869 An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename. * CVE-2024-33870 An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ is permitted. Moderate Copyright 2024 Softline PJSC CVE-2024-29510 CVE-2024-33869 CVE-2024-33870 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. * CVE-2024-38428 A flaw was found in wget. Incorrect handling of semicolons in the userinfo subcomponent of a URI allows it to be misinterpreted as part of the host subcomponent, potentially exposing user credentials. Moderate Copyright 2024 Softline PJSC CVE-2024-38428 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. * CVE-2024-6472 Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5. Moderate Copyright 2024 Softline PJSC CVE-2024-6472 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libuv is a multi-platform support library with a focus on asynchronous I/O. * CVE-2024-24806 A server-side request forgery (SSRF) flaw was found in the libuv package due to how the hostname_ascii variable is handled in uv_getaddrinfo and uv__idna_toascii. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result, attackers may be able to access internal APIs or for websites that allow users to have username.example.com pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. Moderate Copyright 2024 Softline PJSC CVE-2024-24806 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. * CVE-2024-39936 A vulnerability was found in qtbase, qthttpserver. An established connection may execute too early before the encrypted() signal is established. Important Copyright 2024 Softline PJSC CVE-2024-39936 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. * CVE-2024-34397 An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact. Moderate Copyright 2024 Softline PJSC CVE-2024-34397 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Expat is a C library for parsing XML documents. * CVE-2024-45490 An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. * CVE-2024-45491 An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). * CVE-2024-45492 An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Moderate Copyright 2024 Softline PJSC CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenJDK 21 runtime environment. * CVE-2023-48161 Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c * CVE-2024-21208 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). * CVE-2024-21210 Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21217 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21235 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Moderate Copyright 2024 Softline PJSC CVE-2023-48161 CVE-2024-21208 CVE-2024-21210 CVE-2024-21217 CVE-2024-21235 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The ca-certificates package contains a set of Certificate Authority (CA) certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI). Security update: * CVE-2023-37920 Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. Bug Fixes and Enhancements: * Annual 2024 ca-certificates update version 2.69 from NSS 3.101.1 for Firefox 128 [rhel-9.4.z]. * Provide ca-certificates in directory format to resolve Application performance regression in OpenSSL [rhel-9.4.z]. * calling update-ca-trust on RHEL-9 should be supported with just about any argument [rhel-9.4.z]. Low Copyright 2024 Softline PJSC CVE-2023-37920 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. * CVE-2024-21131 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21138 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21140 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21145 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21147 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Important Copyright 2024 Softline PJSC CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21145 CVE-2024-21147 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. * CVE-2024-21131 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21138 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21140 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21144 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). * CVE-2024-21145 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21147 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Important Copyright 2024 Softline PJSC CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21144 CVE-2024-21145 CVE-2024-21147 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. * CVE-2024-21131 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21138 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21140 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21145 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21147 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Important Copyright 2024 Softline PJSC CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21145 CVE-2024-21147 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. * CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. Low Copyright 2024 Softline PJSC CVE-2024-25629 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network. Tickets facilitated by a Booth formation are the units of authorization that can be bound to certain resources. This will ensure that the resources are run at only one (granted) site at a time. * CVE-2024-3049 A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. Important Copyright 2024 Softline PJSC CVE-2024-3049 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture (HSA) Linux kernel driver (amdkfd). * CVE-2024-3651 A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size. Moderate Copyright 2024 Softline PJSC CVE-2024-3651 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. * CVE-2024-30045 .NET and Visual Studio Remote Code Execution Vulnerability * CVE-2024-30046 Visual Studio Denial of Service Vulnerability Important Copyright 2024 Softline PJSC CVE-2024-30045 CVE-2024-30046 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gnutls package provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. * CVE-2024-28834 A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. * CVE-2024-28835 A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. Moderate Copyright 2024 Softline PJSC CVE-2024-28834 CVE-2024-28835 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. * CVE-2024-27316 HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. Moderate Copyright 2024 Softline PJSC CVE-2024-27316 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The traceroute utility displays the route used by IP packets on their way to a specified network (or Internet) host. * CVE-2023-46316 In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. Moderate Copyright 2024 Softline PJSC CVE-2023-46316 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The exfatprogs package contains utilities for formatting and repairing exFAT filesystems. * CVE-2023-45897 exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set. Moderate Copyright 2024 Softline PJSC CVE-2023-45897 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The zziplib is a lightweight library to easily extract data from zip files. * CVE-2020-18770 An invalid memory access flaw was found in the mmapped.c file's zzip_disk_entry_to_file_header function in Zziplib. This issue could allow an attacker to entice a victim into opening a specially crafted file, leading to a denial of service. Moderate Copyright 2024 Softline PJSC CVE-2020-18770 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 freeglut is a completely open source alternative to the OpenGL Utility Toolkit (GLUT) library with an OSI approved free software license. * CVE-2024-24258 freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function. * CVE-2024-24259 freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function. Moderate Copyright 2024 Softline PJSC CVE-2024-24258 CVE-2024-24259 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. * CVE-2023-37327 A heap-based buffer overflow vulnerability was found in the FLAC parser in GStreamer. This issue occurs when processing malformed image tags, which could allow a malicious third party to induce a crash in the application and potentially execute code by manipulating the heap. Moderate Copyright 2024 Softline PJSC CVE-2023-37327 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. * CVE-2023-29499 A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. * CVE-2023-32611 A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. * CVE-2023-32636 A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499. * CVE-2023-32665 A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service. Low Copyright 2024 Softline PJSC CVE-2023-29499 CVE-2023-32611 CVE-2023-32636 CVE-2023-32665 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. * CVE-2023-40474 GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21660. * CVE-2023-40475 GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21661. * CVE-2023-40476 GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H265 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21768. * CVE-2023-50186 GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of metadata within AV1 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22300. Moderate Copyright 2024 Softline PJSC CVE-2023-40474 CVE-2023-40475 CVE-2023-40476 CVE-2023-50186 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. * CVE-2023-4874 Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12 * CVE-2023-4875 Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12 Moderate Copyright 2024 Softline PJSC CVE-2023-4874 CVE-2023-4875 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. * CVE-2021-41043 Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact. Moderate Copyright 2024 Softline PJSC CVE-2021-41043 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 HarfBuzz is an implementation of the OpenType Layout engine. * CVE-2023-25193 hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. Moderate Copyright 2024 Softline PJSC CVE-2023-25193 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems. * CVE-2021-40153 squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination. * CVE-2021-41072 squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem. Moderate Copyright 2024 Softline PJSC CVE-2021-40153 CVE-2021-41072 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org X11 libXpm runtime library. * CVE-2023-43788 A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system. * CVE-2023-43789 A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Moderate Copyright 2024 Softline PJSC CVE-2023-43788 CVE-2023-43789 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libX11 packages contain the core X11 protocol client library. * CVE-2023-43785 A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system. * CVE-2023-43786 A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. * CVE-2023-43787 A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges. Moderate Copyright 2024 Softline PJSC CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. * CVE-2023-47038 A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. Moderate Copyright 2024 Softline PJSC CVE-2023-47038 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. * CVE-2022-33065 Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts. Moderate Copyright 2024 Softline PJSC CVE-2022-33065 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. * CVE-2023-37328 GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of PGS subtitle files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20994. Moderate Copyright 2024 Softline PJSC CVE-2023-37328 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Pixman is a pixel manipulation library for the X Window System and Cairo. * CVE-2022-44638 A flaw was found in Pixman. This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. This can result in data corruption, a crash, or code execution. Moderate Copyright 2024 Softline PJSC CVE-2022-44638 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). * CVE-2023-1729 A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. Low Copyright 2024 Softline PJSC CVE-2023-1729 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. * CVE-2023-31489 An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function. * CVE-2023-31490 An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function. * CVE-2023-41358 An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. * CVE-2023-41359 An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation. * CVE-2023-41360 An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation. * CVE-2023-41909 An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. * CVE-2023-46752 An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. * CVE-2023-46753 An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. Moderate Copyright 2024 Softline PJSC CVE-2023-31489 CVE-2023-31490 CVE-2023-41358 CVE-2023-41359 CVE-2023-41360 CVE-2023-41909 CVE-2023-46752 CVE-2023-46753 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. * CVE-2023-43804 urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5. Moderate Copyright 2024 Softline PJSC CVE-2023-43804 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. * CVE-2024-21131 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21138 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21140 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21144 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). * CVE-2024-21145 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2024-21147 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Important Copyright 2024 Softline PJSC CVE-2024-21131 CVE-2024-21138 CVE-2024-21140 CVE-2024-21144 CVE-2024-21145 CVE-2024-21147 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. * CVE-2023-52160 The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Moderate Copyright 2024 Softline PJSC CVE-2023-52160 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. * CVE-2021-29390 A heap buffer over-read flaw was found in libjpeg-turbo. For certain types of smoothed jpeg images, the decompress_smooth_data() function may improperly enter a condition statement that leads to heap memory read of uninitialized data, which may cause an application crash or loss of confidentiality. Moderate Copyright 2024 Softline PJSC CVE-2021-29390 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 MinGW (Minimalist GNU for Windows) is a free and open source software development environment to create Microsoft Windows applications. * CVE-2023-1579 Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. Moderate Copyright 2024 Softline PJSC CVE-2023-1579 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. * CVE-2023-49083 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6. Moderate Copyright 2024 Softline PJSC CVE-2023-49083 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object. * CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1. * CVE-2023-28756 A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2. * CVE-2024-27280 A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2. * CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. (When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.) The main fixed version is 6.6.3.1. For Ruby 3.0 users, a fixed version is rdoc 6.3.4.1. For Ruby 3.1 users, a fixed version is rdoc 6.4.1.1. For Ruby 3.2 users, a fixed version is rdoc 6.5.1.1. * CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. The fixed versions are 3.0.7, 3.1.5, 3.2.4, and 3.3.1. Moderate Copyright 2024 Softline PJSC CVE-2021-33621 CVE-2023-28755 CVE-2023-28756 CVE-2024-27280 CVE-2024-27281 CVE-2024-27282 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. * CVE-2023-43788 A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system. * CVE-2023-43789 A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Moderate Copyright 2024 Softline PJSC CVE-2023-43788 CVE-2023-43789 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. * CVE-2023-6004 A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter. * CVE-2023-6918 A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the uninitialized memory as an input for the KDF. In this case, non-matching keys will result in decryption/integrity failures, terminating the connection. Low Copyright 2024 Softline PJSC CVE-2023-6004 CVE-2023-6918 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2024-22025 A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory, potentially leading to process termination, depending on the system configuration. * CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. * CVE-2024-27982 The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly, enabling attackers to smuggle in a second request within the body of the first. * CVE-2024-27983 An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. * CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability. Important Copyright 2024 Softline PJSC CVE-2024-22025 CVE-2024-25629 CVE-2024-27982 CVE-2024-27983 CVE-2024-28182 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. * CVE-2022-48622 In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c. Moderate Copyright 2024 Softline PJSC CVE-2022-48622 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats. * CVE-2022-48554 File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. Low Copyright 2024 Softline PJSC CVE-2022-48554 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Process Management Interface (PMI) provides process management functions for MPI implementations. PMI Exascale (PMIx) provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. * CVE-2023-41915 OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. Important Copyright 2024 Softline PJSC CVE-2023-41915 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libxml2 library is a development toolbox providing the implementation of various XML standards. * CVE-2024-25062 An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. Moderate Copyright 2024 Softline PJSC CVE-2024-25062 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2020-26555 A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even without knowledge of the key. * CVE-2022-0480 A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks. * CVE-2022-38096 A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). * CVE-2022-45934 An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. * CVE-2022-48947 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow. * CVE-2022-49011 In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new(). * CVE-2023-24023 Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS. * CVE-2023-25775 Improper access control in the Intel(R) Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access. * CVE-2023-28464 hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation. * CVE-2023-28866 In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not. * CVE-2023-31083 An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur. * CVE-2023-3567 A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. * CVE-2023-37453 An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. * CVE-2023-39189 A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. * CVE-2023-39193 A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. * CVE-2023-39194 A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure. * CVE-2023-39198 A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigger a use-after-free issue, potentially leading to a denial of service or privilege escalation. * CVE-2023-4133 A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition. * CVE-2023-42754 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. * CVE-2023-42756 A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system. * CVE-2023-45863 An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. * CVE-2023-46862 An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an io_uring/fdinfo.c io_uring_show_fdinfo NULL pointer dereference can occur. * CVE-2023-51043 In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. * CVE-2023-51779 bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. * CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. * CVE-2023-52434 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential OOBs in smb2_parse_contexts(). Validate offsets and lengths before dereferencing create contexts in smb2_parse_contexts(). * CVE-2023-52448 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump. * CVE-2023-52450 In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology(). * CVE-2023-52476 In the Linux kernel, the following vulnerability has been resolved: perf/x86/lbr: Filter vsyscall addresses. * CVE-2023-52489 In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage. * CVE-2023-52522 In the Linux kernel, the following vulnerability has been resolved: net: fix possible store tearing in neigh_periodic_work(). * CVE-2023-52529 In the Linux kernel, the following vulnerability has been resolved: HID: sony: Fix a potential memory leak in sony_probe(). * CVE-2023-52574 In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed. * CVE-2023-52578 In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEV_STATS_INC(). * CVE-2023-52580 In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETH_P_1588 flow dissector. When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to __skb_flow_dissect, nhoff value calculation is wrong. For example: hdr->message_length takes the wrong value (0xffff) and it does not replicate real header length. In this case, 'nhoff' value was overridden and the PTP header was badly dissected. This leads to a kernel crash. * CVE-2023-52581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired. * CVE-2023-52597 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register. * CVE-2023-52610 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix skb leak and crash on ooo frags. * CVE-2023-52620 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets. Never used from userspace, disallow these parameters. * CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access. * CVE-2023-6121 An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg). * CVE-2023-6176 A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system. * CVE-2023-6531 A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. * CVE-2023-6546 A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system. * CVE-2023-6622 A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service. * CVE-2023-6915 A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return. * CVE-2023-6931 A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b. * CVE-2023-6932 A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. * CVE-2024-0565 An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service. * CVE-2024-0841 A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. * CVE-2024-1085 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. * CVE-2024-1086 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. * CVE-2024-25744 In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem_encrypt_amd.c. * CVE-2024-26582 In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt. * CVE-2024-26583 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close. * CVE-2024-26584 In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests. * CVE-2024-26585 In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close. * CVE-2024-26586 A kernel stack flaw that corrupted the Linux kernel’s Mellanox Technologies Spectrum Ethernet driver was found when a user initialized more than 16 access control lists (ACLs). This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2024-26593 In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions. * CVE-2024-26602 In the Linux kernel, the following vulnerability has been resolved: sched/membarrier: reduce the ability to hammer on sys_membarrier. On some systems, sys_membarrier can be very expensive, causing overall slowdowns for everything. So put a lock on the path in order to serialize the accesses to prevent the ability for this to be called at too high of a frequency and saturate the machine. * CVE-2024-26609 kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters * CVE-2024-26633 In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim(). * CVE-2024-26671 In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race. Important Copyright 2024 Softline PJSC CVE-2020-26555 CVE-2022-0480 CVE-2022-38096 CVE-2022-45934 CVE-2022-48947 CVE-2022-49011 CVE-2023-24023 CVE-2023-25775 CVE-2023-28464 CVE-2023-28866 CVE-2023-31083 CVE-2023-3567 CVE-2023-37453 CVE-2023-39189 CVE-2023-39193 CVE-2023-39194 CVE-2023-39198 CVE-2023-4133 CVE-2023-42754 CVE-2023-42756 CVE-2023-45863 CVE-2023-46862 CVE-2023-51043 CVE-2023-51779 CVE-2023-51780 CVE-2023-52434 CVE-2023-52448 CVE-2023-52450 CVE-2023-52476 CVE-2023-52489 CVE-2023-52522 CVE-2023-52529 CVE-2023-52574 CVE-2023-52578 CVE-2023-52580 CVE-2023-52581 CVE-2023-52597 CVE-2023-52610 CVE-2023-52620 CVE-2023-6040 CVE-2023-6121 CVE-2023-6176 CVE-2023-6531 CVE-2023-6546 CVE-2023-6622 CVE-2023-6915 CVE-2023-6931 CVE-2023-6932 CVE-2024-0565 CVE-2024-0841 CVE-2024-1085 CVE-2024-1086 CVE-2024-25744 CVE-2024-26582 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-26586 CVE-2024-26593 CVE-2024-26602 CVE-2024-26609 CVE-2024-26633 CVE-2024-26671 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2021-47606 In the Linux kernel, the following vulnerability has been resolved: net: netlink: af_netlink: Prevent empty skb by adding a check on len. * CVE-2023-52651 A potential NULL pointer dereference flaw was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in the Linux kernel. This issue may lead to a crash. * CVE-2023-52864 In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device. * CVE-2024-21823 Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local access. * CVE-2024-26600 In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP. * CVE-2024-26808 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain. * CVE-2024-26828 In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces(). * CVE-2024-26853 A memory corruption flaw was found in the Linux kernel’s Intel(R) Ethernet Controller I225-LM/I225-V driver in how a user generates a high amount of packets. This flaw allows a local user to crash the system. * CVE-2024-26868 A vulnerability was found in the ff_layout_cancel_io() function in the Linux kernel. Improper error checking with the mirror_ds structure fails to check if it is NULL, leading to a potential NULL pointer dereference. This issue could lead to crashes. * CVE-2024-26897 In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete. * CVE-2024-27049 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925e: fix use-after-free in free_irq(). * CVE-2024-27052 In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work. * CVE-2024-27065 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates. Restore skipping transaction if table update does not modify flags. * CVE-2024-27417 A flaw was discovered in the Linux kernel's IPv6 implementation, specifically within the inet6_rtm_getaddr() function. The issue arises when user space provides a valid IFA_TARGET_NETNSID value but omits the IFA_ADDRESS and IFA_LOCAL attributes. In such cases, the function returns an -EINVAL error while inadvertently increasing the reference count of the struct net object, leading to a potential memory leak. This flaw has been addressed by ensuring that the reference count is properly managed, preventing unintended resource retention. Users are advised to update their Linux kernel to a version that includes this fix to maintain system stability and prevent resource leaks. * CVE-2024-27434 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK. The firmware doesn't need the MFP flag for the GTK, it can even make the firmware crash. in case the AP is configured with: group cipher TKIP and MFPC. We would send the GTK with cipher = TKIP and MFP which is of course not possible. * CVE-2024-33621 In the Linux kernel, the following vulnerability has been resolved: ipvlan: Don't use skb->sk in ipvlan_process_v{4,6}_outbound. * CVE-2024-35789 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes. * CVE-2024-35800 In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel. * CVE-2024-35823 In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters. * CVE-2024-35845 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination. * CVE-2024-35848 The vulnerability in the Linux kernel's EEPROM driver (at24) that can lead to memory corruption. The issue arises when an EEPROM device is inaccessible: the system registers an nvmem device, the read operation fails, and the device is subsequently torn down. If another driver attempts to access the nvmem device after this teardown, it may reference invalid memory, causing potential system instability. The problem has been resolved by adjusting the failure handling to occur before the nvmem device is registered, preventing access to invalid memory. Users should update their Linux kernel to a version that includes this fix to ensure system reliability. * CVE-2024-35852 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work. * CVE-2024-35899 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: flush pending destroy work before exit_net release. * CVE-2024-35911 This is a flaw in the Linux kernel's ICE driver for Intel Ethernet controllers. The problem arises when the system enters a suspended state, and the driver frees queue vectors without resetting the num_q_vectors variable. This oversight causes the ice_rebuild() function to allocate an incorrectly sized buffer, leading to memory corruption and potential system crashes. During suspension, the driver fails to restore the num_q_vectors value after freeing queue vectors, resulting in invalid memory operations during system rebuilds. Kernel crashes or instability can occur, especially when resuming from suspension, due to buffer mismanagement. * CVE-2024-35937 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully. * CVE-2024-35969 In the Linux kernel, the following vulnerability has been resolved: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr. * CVE-2024-36005 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: honor table dormant flag from netdev release event path. Check for table dormant flag otherwise netdev release event path tries to unregister an already unregistered hook. * CVE-2024-36017 In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation. * CVE-2024-36020 In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning. * CVE-2024-36489 In the Linux kernel, the following vulnerability has been resolved: tls: fix missing memory barrier in tls_init. * CVE-2024-36903 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb(). * CVE-2024-36921 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal. Guard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would result in out-of-bounds array accesses. This prevents issues should the driver get into a bad state during error handling. * CVE-2024-36922 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: read txq->read_ptr under lock. * CVE-2024-36929 In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs. SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a potential later call to skb_gso_segment. * CVE-2024-36941 In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule. If the parsing fails, we can dereference a NULL pointer here. * CVE-2024-36971 In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race. * CVE-2024-37353 A resource management issue exists in the Linux Kernel's virtio module. When request_irq() fails in vp_find_vqs_msix(), the cleanup path incorrectly attempts to free an already released IRQ, resulting in warnings and potential system instability. This issue arises from the mishandling of virtual queue deletion during error handling. * CVE-2024-37356 In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). * CVE-2024-38391 A memory leak vulnerability has been identified in the Linux Kernel's cxl/region module. The issue occurs when an error path in the code fails to release memory allocated to cxlr_pmem, leading to a potential memory leak that could degrade system performance over time. * CVE-2024-38558 In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6. * CVE-2024-38575 In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure. The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the physical memory has run out. As a result, if we use get_random_bytes() to generate random bytes in the randbuf, the null pointer dereference bug will happen. * CVE-2024-39487 In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set(). In function bond_option_arp_ip_targets_set(), if newval->string is an empty string, newval->string+1 will point to the byte after the string, causing an out-of-bound read. * CVE-2024-40928 In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool(). * CVE-2024-40954 In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails. * CVE-2024-40958 In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net. * CVE-2024-40961 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6_nh_init(). Important Copyright 2024 Softline PJSC CVE-2021-47606 CVE-2023-52651 CVE-2023-52864 CVE-2024-21823 CVE-2024-26600 CVE-2024-26808 CVE-2024-26828 CVE-2024-26853 CVE-2024-26868 CVE-2024-26897 CVE-2024-27049 CVE-2024-27052 CVE-2024-27065 CVE-2024-27417 CVE-2024-27434 CVE-2024-33621 CVE-2024-35789 CVE-2024-35800 CVE-2024-35823 CVE-2024-35845 CVE-2024-35848 CVE-2024-35852 CVE-2024-35899 CVE-2024-35911 CVE-2024-35937 CVE-2024-35969 CVE-2024-36005 CVE-2024-36017 CVE-2024-36020 CVE-2024-36489 CVE-2024-36903 CVE-2024-36921 CVE-2024-36922 CVE-2024-36929 CVE-2024-36941 CVE-2024-36971 CVE-2024-37353 CVE-2024-37356 CVE-2024-38391 CVE-2024-38558 CVE-2024-38575 CVE-2024-39487 CVE-2024-40928 CVE-2024-40954 CVE-2024-40958 CVE-2024-40961 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes * CVE-2023-5090 A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition. * CVE-2023-6240 A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. * CVE-2024-25742 In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES. * CVE-2024-25743 In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES. Bug Fixes * ffdhe* algortihms introduced in 0a2e5b909023 as .fips_allowed=1 lack pairwise consistency tests. * mm/mglru: fix underprotected page cache. * [EMR] [TBOOT OS] SUT could not go to S3 state with RHEL 9.2 Tboot OS One CPU return -16 running BUSY. * system hangs completely - NMI not possible. * ice 0000:6f:00.0: PTP failed to get time. Moderate Copyright 2024 Softline PJSC CVE-2023-5090 CVE-2023-6240 CVE-2024-25742 CVE-2024-25743 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-52463 Linux Kernel is vulnerable to a denial of service, caused by force RO when remounting if SetVariable is not supported. A local attacker could exploit this vulnerability to cause a denial of service. * CVE-2023-52801 In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update of domains_itree after splitting iopt_area. * CVE-2024-26629 Linux Kernel is vulnerable to a denial of service, caused by a flaw in the nfsd4_release_lockowner() function. A local authenticated attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-26630 Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a folio read-after-free flaw in cache walk In cachestat. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition. * CVE-2024-26720 In the Linux kernel, the following vulnerability has been resolved: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again. * CVE-2024-26886 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock. * CVE-2024-26946 An unsafe read function was found in arch/x86/kernel/kprobes/core.c in the Linux kernel . * CVE-2024-35791 A security vulnerability was identified in the Linux kernel's Kernel-based Virtual Machine subsystem (KVM), specifically affecting the Secure Virtual Machine (SVM) feature used on AMD processors. The issue arises from a use-after-free condition in the svm_register_enc_region() function, which can lead to system instability or potential exploitation. * CVE-2024-35797 The vulnerability in the Linux kernel’s memory management, specifically affecting the cachestat feature when handling shared memory. The flaw stems from race conditions during operations like swapping or invalidation, which can lead to out-of-bounds memory access or invalid pointer dereferencing. These issues can result in crashes or system instability. The kernel has been patched to improve checks and handling of swap entries to ensure stable and safe operation * CVE-2024-35875 In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems. * CVE-2024-36000 In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix missing hugetlb_lock for resv uncharge. * CVE-2024-36019 A vulnerability was found in the Linux kernel’s regmap subsystem. Due to improper indexing in the regcache_maple_drop() function, an out-of-bounds access could corrupt the cache by overwriting parts of it with kernel memory. * CVE-2024-36883 In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in ops_init. * CVE-2024-36979 In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free. * CVE-2024-38559 In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated. * CVE-2024-38619 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized. * CVE-2024-40927 In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case. * CVE-2024-40936 In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix memregion leaks in devm_cxl_add_region(). * CVE-2024-41040 In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix UAF when resolving a clash. * CVE-2024-41044 In the Linux kernel, the following vulnerability has been resolved: ppp: reject claimed-as-LCP but actually malformed packets. * CVE-2024-41055 In the Linux kernel, the following vulnerability has been resolved: mm: prevent derefencing NULL ptr in pfn_section_valid(). * CVE-2024-41073 A flaw was found in the Linux kernel, where the following issue has been resolved: nvme: avoid double free special payload. If a discard request needs to be retried, and that retry may fail before a new special payload is added, a double free occurs. Clear the RQF_SPECIAL_LOAD when the request is cleaned. * CVE-2024-41096 A use after free vulnerability was found in the Linux Kernel. Failure propagates back to pci_msi_setup_msi_irqs() in msi_capability_init(), which accesses the descriptor for unmasking in the error exit path, leading to a loss of confidentiality, integrity, and availability. * CVE-2024-42082 In the Linux kernel, the following vulnerability has been resolved: xdp: Remove WARN() from __xdp_reg_mem_model(). * CVE-2024-42096 In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc(). * CVE-2024-42102 A vulnerability was found in the wb_dirty_limits() function in the Linux kernel, where a removed (u64) cast in the dtc->wb_thresh * dtc->bg_thresh operation can result in multiplication overflow on 32-bit architectures. This issue could lead to memory corruption or performance issues. * CVE-2024-42131 In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic. Moderate Copyright 2024 Softline PJSC CVE-2023-52463 CVE-2023-52801 CVE-2024-26629 CVE-2024-26630 CVE-2024-26720 CVE-2024-26886 CVE-2024-26946 CVE-2024-35791 CVE-2024-35797 CVE-2024-35875 CVE-2024-36000 CVE-2024-36019 CVE-2024-36883 CVE-2024-36979 CVE-2024-38559 CVE-2024-38619 CVE-2024-40927 CVE-2024-40936 CVE-2024-41040 CVE-2024-41044 CVE-2024-41055 CVE-2024-41073 CVE-2024-41096 CVE-2024-42082 CVE-2024-42096 CVE-2024-42102 CVE-2024-42131 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-52439 In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open. * CVE-2023-52884 In the Linux kernel, the following vulnerability has been resolved: Input: cyapa - add missing input core locking to suspend/resume functions. * CVE-2024-26739 A use-after-free flaw was found in net/sched/act_mirred.c in the Linux kernel. This may result in a crash. * CVE-2024-26929 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of fcport. * CVE-2024-26930 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer. * CVE-2024-26931 A flaw was found in the qla2xxx module in the Linux kernel. A NULL pointer dereference can be triggered when the system is under memory stress and the driver cannot allocate memory to handle the error recovery of cable pull, causing a system crash and a denial of service. * CVE-2024-26947 A flaw was found in the Linux kernel’s ARM memory management functionality, where certain memory layouts cause a kernel panic. This flaw allows an attacker who can specify or alter memory layouts to cause a denial of service. * CVE-2024-26991 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes. * CVE-2024-27022 In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma until vma is fully initialized. * CVE-2024-35895 A vulnerability in the Linux kernel's Berkeley Packet Filter (BPF) subsystem, specifically within the sockmap feature. The issue arises when BPF tracing programs, which can execute in various interrupt contexts, attempt to delete elements from sockmap or sockhash maps. This operation involves acquiring locks that are not safe for use in hard interrupt contexts, leading to potential deadlocks due to lock inversion. * CVE-2024-36016 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive(). * CVE-2024-36899 In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix use after free in lineinfo_changed_notify. * CVE-2024-38562 In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing. * CVE-2024-38570 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount. * CVE-2024-38573 In the Linux kernel, the following vulnerability has been resolved: cppc_cpufreq: Fix possible null pointer dereference. * CVE-2024-38601 In the Linux kernel, the following vulnerability has been resolved: ring-buffer: fix a race between readers and resize checks. * CVE-2024-38615 In the Linux kernel, the following vulnerability has been resolved: cpufreq: exit() callback is optional. The exit() callback is optional and shouldn't be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn't present. * CVE-2024-40984 In the Linux kernel, the following vulnerability has been resolved: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.". * CVE-2024-41071 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Avoid address calculations via out of bounds array indexing. * CVE-2024-42225 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: replace skb_put with skb_put_zero. * CVE-2024-42246 In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket. Important Copyright 2024 Softline PJSC CVE-2023-52439 CVE-2023-52884 CVE-2024-26739 CVE-2024-26929 CVE-2024-26930 CVE-2024-26931 CVE-2024-26947 CVE-2024-26991 CVE-2024-27022 CVE-2024-35895 CVE-2024-36016 CVE-2024-36899 CVE-2024-38562 CVE-2024-38570 CVE-2024-38573 CVE-2024-38601 CVE-2024-38615 CVE-2024-40984 CVE-2024-41071 CVE-2024-42225 CVE-2024-42246 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-52771 In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix delete_endpoint() vs parent unregistration race. * CVE-2023-52880 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc. * CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc. * CVE-2024-26668 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow. * CVE-2024-26810 In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops. Mask operations through config space changes to DisINTx may race INTx configuration changes via ioctl. Create wrappers that add locking for paths outside of the core interrupt code. * CVE-2024-26855 In the Linux kernel, the following vulnerability has been resolved: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink(). * CVE-2024-26908 kernel: x86/xen: Add some null pointer checking to smp.c. * CVE-2024-26925 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path. * CVE-2024-27016 In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header. * CVE-2024-27019 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in __nft_obj_type_get(). Therefore, there is potential data-race of nf_tables_objects list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_objects list in __nft_obj_type_get(), and use rcu_read_lock() in the caller nft_obj_type_get() to protect the entire type query process. * CVE-2024-27020 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process. * CVE-2024-27415 In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up. * CVE-2024-35839 In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nf_bridge_info. * CVE-2024-35896 In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length. * CVE-2024-35897 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: discard table flag update with pending basechain deletion. Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both commands are combined, this results in deleting a basechain while leaving its hook still registered in the core. * CVE-2024-35898 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get(). * CVE-2024-35962 In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input. * CVE-2024-36003 In the Linux kernel, the following vulnerability has been resolved: ice: fix LAG and VF lock dependency in ice_reset_vf() 9f74a3dfcf83. * CVE-2024-36025 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats(). * CVE-2024-38538 In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes. * CVE-2024-38540 In the Linux kernel, the following vulnerability has been resolved: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq. * CVE-2024-38544 In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt. * CVE-2024-38579 In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic. * CVE-2024-38608 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix netif state handling mlx5e_suspend cleans resources only if netif_device_present() returns true. * CVE-2024-39476 In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING. * CVE-2024-40905 In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible race in __fib6_drop_pcpu_from(). * CVE-2024-40911 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Lock wiphy in cfg80211_get_station. * CVE-2024-40912 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup(). * CVE-2024-40914 In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: don't unpoison huge_zero_folio. * CVE-2024-40929 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids. * CVE-2024-40939 In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix tainted pointer delete is case of region creation fail. * CVE-2024-40941 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation. * CVE-2024-40957 In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors. * CVE-2024-40978 In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute. * CVE-2024-40983 In the Linux kernel, the following vulnerability has been resolved: tipc: force a dst refcount before doing decryption. * CVE-2024-41041 In the Linux kernel, the following vulnerability has been resolved: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). * CVE-2024-41076 In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4_set_security_label. * CVE-2024-41090 In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame. * CVE-2024-41091 In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame. * CVE-2024-42110 In the Linux kernel, the following vulnerability has been resolved: net: ntb_netdev: move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx(). * CVE-2024-42152 In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment. Important Copyright 2024 Softline PJSC CVE-2023-52771 CVE-2023-52880 CVE-2024-26581 CVE-2024-26668 CVE-2024-26810 CVE-2024-26855 CVE-2024-26908 CVE-2024-26925 CVE-2024-27016 CVE-2024-27019 CVE-2024-27020 CVE-2024-27415 CVE-2024-35839 CVE-2024-35896 CVE-2024-35897 CVE-2024-35898 CVE-2024-35962 CVE-2024-36003 CVE-2024-36025 CVE-2024-38538 CVE-2024-38540 CVE-2024-38544 CVE-2024-38579 CVE-2024-38608 CVE-2024-39476 CVE-2024-40905 CVE-2024-40911 CVE-2024-40912 CVE-2024-40914 CVE-2024-40929 CVE-2024-40939 CVE-2024-40941 CVE-2024-40957 CVE-2024-40978 CVE-2024-40983 CVE-2024-41041 CVE-2024-41076 CVE-2024-41090 CVE-2024-41091 CVE-2024-42110 CVE-2024-42152 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2021-47385 In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field. * CVE-2023-28746 A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system. * CVE-2023-52658 In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency". * CVE-2024-27403 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flow_offload_add() fails, error path releases dst twice, leading to a refcount underflow. * CVE-2024-35989 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms. * CVE-2024-36889 In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_nxt is properly initialized on connect. * CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune(). * CVE-2024-38556 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: add a timeout to acquire the command queue semaphore. * CVE-2024-39483 In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked. * CVE-2024-39502 In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netif_napi_del(). * CVE-2024-40959 In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr(). * CVE-2024-42079 In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to provide exclusion against gfs2_log_flush(). In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before dereferencing it. Otherwise, we could run into a NULL pointer dereference when outstanding glock work races with an unmount (glock_work_func -> run_queue -> do_xmote -> inode_go_sync -> gfs2_log_flush). * CVE-2024-42272 In the Linux kernel, the following vulnerability has been resolved: sched: act_ct: take care of padding in struct zones_ht_key. * CVE-2024-42284 In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow access can occur in tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP media address. Moderate Copyright 2024 Softline PJSC CVE-2021-47385 CVE-2023-28746 CVE-2023-52658 CVE-2024-27403 CVE-2024-35989 CVE-2024-36889 CVE-2024-36978 CVE-2024-38556 CVE-2024-39483 CVE-2024-39502 CVE-2024-40959 CVE-2024-42079 CVE-2024-42272 CVE-2024-42284 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2021-47383 In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit. * CVE-2024-2201 A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information. * CVE-2024-26640 A vulnerability was found in Linux Kernel where rx zerocopy feature allowed mapping of pages owned by the filesystem, leading to potential system panic which is caused by the lack of sanity checks to rx zerocopy. A local authenticated attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-26826 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow. * CVE-2024-26923 In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect(). * CVE-2024-26935 In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression. * CVE-2024-26961 In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del mac802154_llsec_key_del() can free resources of a key directly without following the RCU rules for waiting before the end of a grace period. This may lead to use-after-free in case llsec_lookup_key() is traversing the list of keys in parallel with a key deletion: refcount_t: addition on 0; use-after-free. * CVE-2024-36244 In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too. * CVE-2024-39472 In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy h_size fixup. * CVE-2024-39504 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: validate mandatory meta and payload. * CVE-2024-40904 In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages. * CVE-2024-40931 In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect. * CVE-2024-40960 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL dereference in rt6_probe(). * CVE-2024-40972 In the Linux kernel, the following vulnerability has been resolved: ext4: do not create EA inode under buffer lock. * CVE-2024-40977 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery. * CVE-2024-40995 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc(). * CVE-2024-40998 In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super(). * CVE-2024-41005 In the Linux kernel, the following vulnerability has been resolved: netpoll: Fix race condition in netpoll_owner_active. * CVE-2024-41013 In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block. * CVE-2024-41014 In the Linux kernel, the following vulnerability has been resolved: xfs: add bounds checking to xlog_recover_process_data. * CVE-2024-43854 In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media. * CVE-2024-45018 In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use. Moderate Copyright 2024 Softline PJSC CVE-2021-47383 CVE-2024-2201 CVE-2024-26640 CVE-2024-26826 CVE-2024-26923 CVE-2024-26935 CVE-2024-26961 CVE-2024-36244 CVE-2024-39472 CVE-2024-39504 CVE-2024-40904 CVE-2024-40931 CVE-2024-40960 CVE-2024-40972 CVE-2024-40977 CVE-2024-40995 CVE-2024-40998 CVE-2024-41005 CVE-2024-41013 CVE-2024-41014 CVE-2024-43854 CVE-2024-45018 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-26642 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag. * CVE-2024-26643 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout. * CVE-2024-26673 Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read flaw in nft_ct: sanitize layer 3 and 4 protocol number in custom expectations. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service condition. * CVE-2024-26804 In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: prevent perpetual headroom growth. * CVE-2024-35890 In the Linux kernel, the following vulnerability has been resolved: gro: fix ownership transfer. Moderate Copyright 2024 Softline PJSC CVE-2024-26642 CVE-2024-26643 CVE-2024-26673 CVE-2024-26804 CVE-2024-35890 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-26735 In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref. * CVE-2024-26993 In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfs_break_active_protection(). Moderate Copyright 2024 Softline PJSC CVE-2024-26735 CVE-2024-26993 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes * CVE-2021-47400 In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3_nic_net_open repeatedly. * CVE-2023-52626 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context. * CVE-2023-52667 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups. * CVE-2024-26801 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset. * CVE-2024-26974 In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race condition during AER recovery. * CVE-2024-27393 In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Add missing skb_mark_for_recycle. * CVE-2024-35870 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server(). * CVE-2024-35960 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree. Bug Fixes * cifs - kernel panic with cifs_put_smb_ses. * BUG: unable to handle page fault for address: ff16bf752f593ff8 [rhel-9.4.z]. * [HPE 9.4 Bug] Request merge of AMD address translation library patch series [rhel-9.4.z]. * [RHEL9] kernel BUG at lib/list_debug.c:51! [rhel-9.4.z]. * ice: DPLL-related fixes [rhel-9.4.z]. * CNB95: net/sched: update TC core to upstream v6.8 [rhel-9.4.z]. * IPv6: SR: backport fixes from upstream [rhel-9.4.z]. * [RFE] Backport tmpfs noswap mount option [rhel-9.4.z]. * Isolated cores causing issues on latest RHEL9.4 kernel and not functioning as desired. [rhel-9.4.z]. * [ice] Add automatic VF reset on Tx MDD events [rhel-9.4.z]. * [HPEMC RHEL 9.4 REGRESSION] turbostat: turbostat broken on 10+ sockets. [rhel-9.4.z]. * bnx2x: fix crashes in PCI error handling, resource leaks [rhel-9.4.z]. Moderate Copyright 2024 Softline PJSC CVE-2021-47400 CVE-2023-52626 CVE-2023-52667 CVE-2024-26801 CVE-2024-26974 CVE-2024-27393 CVE-2024-35870 CVE-2024-35960 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2021-47548 In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port(). * CVE-2021-47596 In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg. * CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer. * CVE-2023-52638 In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock. * CVE-2024-26783 In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index. * CVE-2024-26858 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map. * CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout. * CVE-2024-27435 In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation. * CVE-2024-35958 In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix incorrect descriptor free behavior. * CVE-2024-36270 In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device. * CVE-2024-36886 In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path. * CVE-2024-36904 In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). * CVE-2024-36957 In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace. * CVE-2024-38543 In the Linux kernel, the following vulnerability has been resolved: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure. * CVE-2024-38586 In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently leading to calls to dma_unmap_single() with a null address. This was caused by rtl8169_start_xmit() not noticing changes to nr_frags which may occur when small packets are padded (to work around hardware quirks) in rtl8169_tso_csum_v2(). To fix this, postpone inspecting nr_frags until after any padding has been applied. * CVE-2024-38593 In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fix receiving the timestamp in the frame for lan8841. * CVE-2024-38663 In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from resetting io stat. Important Copyright 2024 Softline PJSC CVE-2021-47548 CVE-2021-47596 CVE-2022-48627 CVE-2023-52638 CVE-2024-26783 CVE-2024-26858 CVE-2024-27397 CVE-2024-27435 CVE-2024-35958 CVE-2024-36270 CVE-2024-36886 CVE-2024-36904 CVE-2024-36957 CVE-2024-38543 CVE-2024-38586 CVE-2024-38593 CVE-2024-38663 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2021-47459 In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv. * CVE-2022-48743 In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow. There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors. * CVE-2023-52458 In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size. * CVE-2023-52809 In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup(). * CVE-2024-26737 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel. * CVE-2024-26773 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found(). * CVE-2024-26852 In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify(). * CVE-2024-26880 In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend. * CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero. * CVE-2024-27030 In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts. * CVE-2024-27046 In the Linux kernel, the following vulnerability has been resolved: nfp: flower: handle acti_netdevs allocation failure. * CVE-2024-35857 In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe(). * CVE-2024-35885 In the Linux kernel, the following vulnerability has been resolved: mlxbf_gige: stop interface during shutdown. * CVE-2024-35907 The vulnerability in the Linux kernel's mlxbf_gige driver, which supports Mellanox BlueField devices. The issue occurs during kdump operations when a receive (RX) interrupt is triggered before the driver fully initializes. This leads to a race condition that can result in a NULL pointer dereference, causing the system to crash. A pending RX interrupt before the driver requests the IRQ can lead to an improper sequence of operations, resulting in the crash. This flaw affects system stability during kdump operations, potentially causing kernel panics. * CVE-2024-36924 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up(). * CVE-2024-36952 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up. * CVE-2024-38580 A flaw was found in the Linux kernel. Inappropriate file lifetime handling may lead to availability issues. Moderate Copyright 2024 Softline PJSC CVE-2021-47459 CVE-2022-48743 CVE-2023-52458 CVE-2023-52809 CVE-2024-26737 CVE-2024-26773 CVE-2024-26852 CVE-2024-26880 CVE-2024-26982 CVE-2024-27030 CVE-2024-27046 CVE-2024-35857 CVE-2024-35885 CVE-2024-35907 CVE-2024-36924 CVE-2024-36952 CVE-2024-38580 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. * CVE-2024-56201 Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5. * CVE-2024-56326 Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5. Important Copyright 2025 Softline PJSC CVE-2024-56201 CVE-2024-56326 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-46713 In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment the perf_event::mmap_mutex order was already wrong, that is, it nesting under mmap_lock is not new with this patch. * CVE-2024-50208 In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages. * CVE-2024-50252 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address. * CVE-2024-53122 In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust. Important Copyright 2025 Softline PJSC CVE-2024-46713 CVE-2024-50208 CVE-2024-50252 CVE-2024-53122 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-0242 Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6. * CVE-2025-0243 Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6. * CVE-2025-0237 The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6. * CVE-2025-0238 Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6. * CVE-2025-0239 When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6. * CVE-2025-0240 Parsing a JavaScript module as JSON could under some circumstances cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6. * CVE-2025-0241 A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. Important Copyright 2025 Softline PJSC CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Security fix * CVE-2024-3661 DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. Bug fixes * Routes in table different to main are not deleted on reapply [rhel-9.5.z]. * Route to VPN server not stored in routing table that is specified by ipv4.route-table [rhel-9.5.z]. * VPN connections do not support ipv4.routing-rules settings [rhel-9.5.z]. Moderate Copyright 2025 Softline PJSC CVE-2024-3661 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. * CVE-2024-57823 In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). Important Copyright 2025 Softline PJSC CVE-2024-57823 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. * CVE-2024-11029 A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials. Moderate Copyright 2025 Softline PJSC CVE-2024-11029 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. * CVE-2024-12085 A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. Important Copyright 2025 Softline PJSC CVE-2024-12085 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss. * CVE-2024-53580 iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function. Important Copyright 2025 Softline PJSC CVE-2024-53580 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2024-54479 The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-54502 The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-54505 A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. * CVE-2024-54508 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. Important Copyright 2025 Softline PJSC CVE-2024-54479 CVE-2024-54502 CVE-2024-54505 CVE-2024-54508 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-0242 Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6. * CVE-2025-0243 Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6. Important Copyright 2025 Softline PJSC CVE-2025-0242 CVE-2025-0243 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. * CVE-2024-11614 An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset. Important Copyright 2025 Softline PJSC CVE-2024-11614 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. * CVE-2023-33460 There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash. Moderate Copyright 2025 Softline PJSC CVE-2023-33460 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The CPAN module is a tool to query, download and build perl modules from CPAN sites. * CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. Moderate Copyright 2025 Softline PJSC CVE-2023-31484 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. * CVE-2024-1488 A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. Important Copyright 2025 Softline PJSC CVE-2024-1488 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. * CVE-2024-33871 An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded. Important Copyright 2025 Softline PJSC CVE-2024-33871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). * CVE-2024-3652 A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the compute_proto_keymat() function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an authenticated attacker to send the bogus AES-GMAC proposal request, triggering the issue and causing Libreswan to crash and restart. When this connection is automatically added on startup using the auto= keyword, it can cause repeated crashes, leading to a denial of service. No remote code execution is possible Moderate Copyright 2025 Softline PJSC CVE-2024-3652 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2023-6597 A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link. * CVE-2024-0450 A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed. Important Copyright 2025 Softline PJSC CVE-2023-6597 CVE-2024-0450 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-5688 If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5690 By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5691 By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5693 Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5696 By manipulating the text in an `&lt;input&gt;` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5700 Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12. * CVE-2024-5702 Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12. Important Copyright 2025 Softline PJSC CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693 CVE-2024-5696 CVE-2024-5700 CVE-2024-5702 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2023-6597 An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. Important Copyright 2025 Softline PJSC CVE-2023-6597 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. * CVE-2024-32002 This vulnerability allows the malicious manipulation of repositories containing submodules, exploiting a bug that enables the writing of files into the .git/ directory instead of the submodule's intended worktree. This manipulation facilitates the execution of arbitrary code during the cloning process, bypassing user inspection and control. * CVE-2024-32004 This vulnerability can be exploited by an unauthenticated attacker who places a specialized repository on the target's local system. If the victim clones this repository, the attacker can execute arbitrary code. * CVE-2024-32020 This flaw allows an unauthenticated attacker to place a specialized repository on their target's local system. For performance reasons, Git uses hardlinks when cloning a repository located on the same disk. However, if the repo being cloned is owned by a different user, this can introduce a security risk. At any time in the future, the original repo owner could rewrite the hardlinked files in the cloned user's repo. * CVE-2024-32021 This flaw allows an unauthenticated attacker to place a repository on their target's local system that contains symlinks. During the cloning process, Git could be tricked into creating hardlinked arbitrary files into their repository's objects/ directory, impacting availability and integrity. * CVE-2024-32465 A flaw was found in Git in a full copy of a Git repository. A prerequisite for this vulnerability is for an unauthenticated attacker to place a specialized repository on their target's local system. If the victim were to clone this repository, it could result in arbitrary code execution. Important Copyright 2025 Softline PJSC CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libxml2 library is a development toolbox providing the implementation of various XML standards. * CVE-2022-49043 xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. Important Copyright 2025 Softline PJSC CVE-2022-49043 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. * CVE-2020-11023 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. Moderate Copyright 2025 Softline PJSC CVE-2020-11023 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. * CVE-2025-1094 Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected. Important Copyright 2025 Softline PJSC CVE-2025-1094 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security fixes * CVE-2025-21171 .NET Remote Code Execution Vulnerability * CVE-2025-21172 .NET and Visual Studio Remote Code Execution Vulnerability * CVE-2025-21173 .NET Elevation of Privilege Vulnerability * CVE-2025-21176 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Enhancement * Update .NET 9.0 to SDK 9.0.102 and Runtime 9.0.1 [rhel-9.5.z] Important Copyright 2025 Softline PJSC CVE-2025-21171 CVE-2025-21172 CVE-2025-21173 CVE-2025-21176 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security fixes * CVE-2025-21172 .NET and Visual Studio Remote Code Execution Vulnerability * CVE-2025-21173 .NET Elevation of Privilege Vulnerability * CVE-2025-21176 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability Enhancement * Update .NET 8.0 to SDK 8.0.112 and Runtime 8.0.12 [rhel-9.5.z]. Important Copyright 2025 Softline PJSC CVE-2025-21172 CVE-2025-21173 CVE-2025-21176 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. * CVE-2025-21502 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Moderate Copyright 2025 Softline PJSC CVE-2025-21502 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. compat-openssl11 provides the legacy 1.1 version of OpenSSL for use with older binaries. Security Fixes * CVE-2022-0778 A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate may be subject to a denial of service attack. Bug Fixes * compat-openssl11 breaks in FIPS Important Copyright 2025 Softline PJSC CVE-2022-0778 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. * CVE-2022-24070 A use-after-free vulnerability was found in Subversion in the mod_dav_svn Apache HTTP server (HTTPd) module. While looking up path-based authorization (authz) rules, multiple calls to the post_config hook can invalidate cached pointers to object-pools, which Subversion subsequently uses. This issue crashes the single HTTPd worker thread or the entire HTTPd server process, depending on the configuration of the Apache HTTPd server. Important Copyright 2025 Softline PJSC CVE-2022-24070 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Tomcat is the servlet engine that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. * CVE-2021-42340 A memory leak flaw was found in Apache Tomcat, where an HTTP upgrade connection does not release for WebSocket connections once the WebSocket connection is closed. If a sufficient number of such requests are made, an OutOfMemoryError occurs, leading to a denial of service. The highest threat from this vulnerability is to system availability. Low Copyright 2025 Softline PJSC CVE-2021-42340 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. * CVE-2021-44269 A heap out-of-bounds read flaw was found in WavPacks' WavpackPackSamples() function of src/pack_utils.c and only affects the command-line program of WavPack (not libwavpack). This flaw allows an attacker to exploit this flaw for a website that uses the WavPack command-line program on user-provided files, causing a denial of service. Low Copyright 2025 Softline PJSC CVE-2021-44269 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. * CVE-2021-22570 A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. Moderate Copyright 2025 Softline PJSC CVE-2021-22570 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Speex is a patent-free compression format designed especially for speech. It is specialized for voice communications at low bit-rates. * CVE-2020-23903 A divide-by-zero flaw was found in speex within the read_samples() at src/speexenc.c function. This flaw allows a malicious user to provide a crafted wav file and crash the speexenc utility, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Low Copyright 2025 Softline PJSC CVE-2020-23903 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2022-24834 A heap-based buffer overflow flaw was found in Redis. This flaw allows a local authenticated attacker user or attacker to execute a specially crafted Lua script in Redis. This attack triggers a heap overflow in the cjson and cmsgpack libraries, resulting in heap corruption and potential remote code execution. * CVE-2023-45145 A flaw was found in Redis, an in-memory database that persists on disk. On startup, Redis listens on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. * CVE-2024-31228 A flaw was found in Redis. This flaw allows authenticated users to trigger a denial of service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. * CVE-2024-31449 A flaw was found in Redis. This flaw allows an authenticated user to use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. * CVE-2024-46981 A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution. Important Copyright 2025 Softline PJSC CVE-2022-24834 CVE-2023-45145 CVE-2024-31228 CVE-2024-31449 CVE-2024-46981 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-1009 An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1010 An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1011 A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1012 A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A race during concurrent delazification could have led to a use-after-free. * CVE-2025-1013 A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1014 Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1016 Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1017 Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. Important Copyright 2025 Softline PJSC CVE-2025-1009 CVE-2025-1010 CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1016 CVE-2025-1017 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2023-0567 A vulnerability was found in PHP. This security flaw occurs when malformatted BCrypt hashes that include a $ within their salt part trigger a buffer overread and may erroneously validate any password as valid. * CVE-2023-0568 A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which might lead to unauthorized data access or modification. * CVE-2023-0662 A vulnerability was found in PHP. This security flaw occurs when the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging. A large amount of CPU time required for processing requests can block all available worker processes and significantly delay or slow the processing of legitimate user requests. The large volume of warning messages can wear down the disk and fill it up. A complete denial of service is achievable by sending many concurrent multipart requests in a loop. PHP parses the request body before invoking any application scripts. This vulnerability affects all PHP websites that accept POST request bodies (post_max_size set to a value greater than zero, the default value is 8MB). * CVE-2023-3247 A vulnerability was found in PHP where the weak randomness affects applications that use SOAP with HTTP Digest authentication against a possibly malicious server over HTTP allows a remote authenticated attackers to cause a stack information leak. * CVE-2023-3823 A flaw was found in PHP due to inadequate validation of user-supplied XML input. By leveraging specially crafted XML code, a remote attacker could obtain sensitive information by viewing the contents of arbitrary files on the system or initiating requests to external systems. This issue may allow unauthorized access to sensitive data and the potential for network scanning of internal and external infrastructure. * CVE-2023-3824 A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phar_dir_read() function. This issue may allow an attacker to initiate memory corruption by compelling the application to open a specially crafted .phar archive, allowing the attacker to corrupt memory or cause a denial of service condition. Important Copyright 2025 Softline PJSC CVE-2023-0567 CVE-2023-0568 CVE-2023-0662 CVE-2023-3247 CVE-2023-3823 CVE-2023-3824 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-53088 In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state. * CVE-2024-50154 A use-after-free (UAF) vulnerability was found and fixed in the Linux kernel's TCP subsystem related to request socket (reqsk) timers during handshake handling. This issue stems from a race condition caused by relying on timer_pending() in reqsk_queue_unlink(). This could result in the timer continuing to run after the socket (req->sk) is freed, allowing BPF programs to access invalid memory. * CVE-2024-50275 In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps. Moderate Copyright 2025 Softline PJSC CVE-2024-50154 CVE-2024-50275 CVE-2024-53088 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. * CVE-2023-45539 HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server. * CVE-2023-40225 HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. Moderate Copyright 2025 Softline PJSC CVE-2023-40225 CVE-2023-45539 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. * CVE-2024-1597 pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected. Important Copyright 2025 Softline PJSC CVE-2024-1597 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Security Fixes: * CVE-2022-4899 A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun. * CVE-2023-21911 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21919 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21920 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21929 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2023-21933 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21935 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21940 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21945 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21946 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21947 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21953 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21955 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21962 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21966 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21972 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21976 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21977 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-21980 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. * CVE-2023-21982 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22005 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22007 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22008 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22032 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22033 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22038 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2023-22046 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22048 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. * CVE-2023-22053 programs). Supported versions that are affected are 5.7.42 and prior and 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data. * CVE-2023-22054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22056 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22057 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22058 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22059 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22064 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22065 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22066 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22068 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22070 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22078 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22079 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22084 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22092 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22097 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22103 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22104 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22110 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22111 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22112 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22113 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. * CVE-2023-22114 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2023-22115 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20960 A flaw was found in MySQL Server RAPID. This vulnerability allows a malicious user with low privileges and network access to compromise the MySQL Server. A successful attack can result in the unauthorized ability to cause a hang, or a frequently repeatable crash, a complete denial of service DOS), of MySQL Server. * CVE-2024-20961 Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20962 Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20963 Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20964 Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20965 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20966 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20967 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2024-20968 Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20969 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2024-20970 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20971 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20972 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20973 Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20974 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20976 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20977 Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20978 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20981 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20982 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20983 Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20984 Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20985 Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-20993 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Easily exploitable vulnerability allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21049 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: DML). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21050 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: DML). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21051 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: DML). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21052 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: DML). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21053 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: DML). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21055 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21056 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: DML). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21057 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21061 A flaw was found in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21137 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21200 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. Bug Fixes: * Fix for MySQL bug #33630199 in 8.0.32 introduces regression when --set-gtid-purged=OFF Moderate Copyright 2025 Softline PJSC CVE-2022-4899 CVE-2023-21911 CVE-2023-21919 CVE-2023-21920 CVE-2023-21929 CVE-2023-21933 CVE-2023-21935 CVE-2023-21940 CVE-2023-21945 CVE-2023-21946 CVE-2023-21947 CVE-2023-21953 CVE-2023-21955 CVE-2023-21962 CVE-2023-21966 CVE-2023-21972 CVE-2023-21976 CVE-2023-21977 CVE-2023-21980 CVE-2023-21982 CVE-2023-22005 CVE-2023-22007 CVE-2023-22008 CVE-2023-22032 CVE-2023-22033 CVE-2023-22038 CVE-2023-22046 CVE-2023-22048 CVE-2023-22053 CVE-2023-22054 CVE-2023-22056 CVE-2023-22057 CVE-2023-22058 CVE-2023-22059 CVE-2023-22064 CVE-2023-22065 CVE-2023-22066 CVE-2023-22068 CVE-2023-22070 CVE-2023-22078 CVE-2023-22079 CVE-2023-22084 CVE-2023-22092 CVE-2023-22097 CVE-2023-22103 CVE-2023-22104 CVE-2023-22110 CVE-2023-22111 CVE-2023-22112 CVE-2023-22113 CVE-2023-22114 CVE-2023-22115 CVE-2024-20960 CVE-2024-20961 CVE-2024-20962 CVE-2024-20963 CVE-2024-20964 CVE-2024-20965 CVE-2024-20966 CVE-2024-20967 CVE-2024-20968 CVE-2024-20969 CVE-2024-20970 CVE-2024-20971 CVE-2024-20972 CVE-2024-20973 CVE-2024-20974 CVE-2024-20976 CVE-2024-20977 CVE-2024-20978 CVE-2024-20981 CVE-2024-20982 CVE-2024-20983 CVE-2024-20984 CVE-2024-20985 CVE-2024-20993 CVE-2024-21049 CVE-2024-21050 CVE-2024-21051 CVE-2024-21052 CVE-2024-21053 CVE-2024-21055 CVE-2024-21056 CVE-2024-21057 CVE-2024-21061 CVE-2024-21137 CVE-2024-21200 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. * CVE-2022-24963 A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. Moderate Copyright 2025 Softline PJSC CVE-2022-24963 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Wheel is the reference implementation of the Python wheel packaging standard, as defined in PEP 427. * CVE-2022-40898 An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. Moderate Copyright 2025 Softline PJSC CVE-2022-40898 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The ncurses (new curses) library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. * CVE-2023-29491 ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. Moderate Copyright 2025 Softline PJSC CVE-2023-29491 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. * CVE-2021-43618 GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. Low Copyright 2025 Softline PJSC CVE-2021-43618 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The protobuf-c packages provide C bindings for Google's Protocol Buffers * CVE-2022-48468 protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member. Moderate Copyright 2025 Softline PJSC CVE-2022-48468 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. * CVE-2023-27371 GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function. Moderate Copyright 2025 Softline PJSC CVE-2023-27371 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. * CVE-2023-23931 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8. Moderate Copyright 2025 Softline PJSC CVE-2023-23931 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. * CVE-2023-28370 Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. Moderate Copyright 2025 Softline PJSC CVE-2023-28370 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1. * CVE-2023-35789 An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments. Moderate Copyright 2025 Softline PJSC CVE-2023-35789 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption (NBDE) project. * CVE-2023-1672 A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host. Moderate Copyright 2025 Softline PJSC CVE-2023-1672 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libfastjson library provides essential JavaScript Object Notation (JSON) handling functions. The library enables users to construct JSON objects in C, output them as JSON-formatted strings, and convert JSON-formatted strings back to the C representation of JSON objects. * CVE-2020-12762 json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. Moderate Copyright 2025 Softline PJSC CVE-2020-12762 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 AutoTrace is a program for converting bitmaps to vector graphics. * CVE-2022-32323 A buffer overflow flaw was found in the autotrace package. This flaw allows an attacker to trick the user into opening a maliciously crafted BMP image, triggering arbitrary code execution or causing the application to crash. Moderate Copyright 2025 Softline PJSC CVE-2022-32323 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Jackson is a suite of data-processing tools for Java, including the flagship streaming JSON parser / generator library, matching data-binding library, and additional modules to process data encoded in various other data formats. * CVE-2020-36518 jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. Moderate Copyright 2025 Softline PJSC CVE-2020-36518 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. * CVE-2022-36227 A flaw was found in libarchive. A missing check of the return value of the calloc function can cause a NULL pointer dereference in an out-of-memory condition or when a memory allocation limit is reached, resulting in the program linked with libarchive to crash. Low Copyright 2025 Softline PJSC CVE-2022-36227 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille (Nemeth and Marburg). * CVE-2023-26767 Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint. * CVE-2023-26768 Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions. * CVE-2023-26769 Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c. Moderate Copyright 2025 Softline PJSC CVE-2023-26767 CVE-2023-26768 CVE-2023-26769 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix * CVE-2025-21502 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Bug Fix * The Red Hat OpenJDK packages rely on the copy-jdk-configs package to transfer configuration files to a new updated JDK. With this update, the JDK has been updated to use the latest version of copy-jdk-configs, which has been used for some years on later RHEL versions (RHEL-73867, RHEL-73871, RHEL-73872). Moderate Copyright 2025 Softline PJSC CVE-2025-21502 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. * CVE-2022-40023 A vulnerability was found in the mako package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability. Moderate Copyright 2025 Softline PJSC CVE-2022-40023 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. * CVE-2022-3560 A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack. Important Copyright 2025 Softline PJSC CVE-2022-3560 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions. * CVE-2021-46848 An out-of-bounds read flaw was found in Libtasn1 due to an ETYPE_OK off-by-one error in the asn1_encode_simple_der() function. This flaw allows a remote attacker to pass specially crafted data or invalid values to the application, triggering an off-by-one error, corrupting the memory, and possibly performing a denial of service (DoS) attack. Moderate Copyright 2025 Softline PJSC CVE-2021-46848 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. * CVE-2022-27404 A heap buffer overflow flaw was found in Freetype’s sfnt_init_face() function in the sfobjs.c file. The vulnerability occurs when creating a face with a strange file and invalid index. This flaw allows an attacker to read a small amount of memory, causing the application to crash. * CVE-2022-27405 A segmentation fault was found in the FreeType library. This flaw allows an attacker to attempt access to a memory location in a way that could cause an application to halt or crash, leading to a denial of service. * CVE-2022-27406 A segmentation fault was found in FreeType’s FT_Request_Size() function in the ftobjs.c file. This flaw allows an attacker to access a memory location in a way that could cause an application to halt or crash, leading to a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Byte Code Engineering Library (Apache Commons BCEL) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class). * CVE-2022-42920 An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Important Copyright 2025 Softline PJSC CVE-2022-42920 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. * CVE-2022-1271 An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system. Important Copyright 2025 Softline PJSC CVE-2022-1271 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker. * CVE-2023-5557 A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability. Important Copyright 2025 Softline PJSC CVE-2023-5557 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. * CVE-2023-28486 A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo's log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands, leading to a leak of restricted information. * CVE-2023-28487 A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where the "sudoreplay -l' command improperly escapes terminal control characters. As sudo's log messages may contain user-controlled strings, this could allow an attacker to inject terminal control commands, leading to a leak of restricted information. * CVE-2023-42465 A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user. Moderate Copyright 2025 Softline PJSC CVE-2023-28486 CVE-2023-28487 CVE-2023-42465 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures. * CVE-2023-5992 A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. Moderate Copyright 2025 Softline PJSC CVE-2023-5992 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Pixman is a pixel manipulation library for the X Window System and Cairo. * CVE-2022-44638 A flaw was found in Pixman. This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. This can result in data corruption, a crash, or code execution. Moderate Copyright 2025 Softline PJSC CVE-2022-44638 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. * CVE-2023-3674 A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted. Low Copyright 2025 Softline PJSC CVE-2023-3674 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. * CVE-2023-7104 A vulnerability was found in SQLite3. This issue affects the sessionReadRecord function of the ext/session/sqlite3session.c function in the make alltest Handler component. Manipulation may cause a heap-based buffer overflow to occur. Moderate Copyright 2025 Softline PJSC CVE-2023-7104 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. * CVE-2023-44441 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44442 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSD file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44443 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44444 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. Important Copyright 2025 Softline PJSC CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities. * CVE-2023-2602 A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory. * CVE-2023-2603 A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. Moderate Copyright 2025 Softline PJSC CVE-2023-2602 CVE-2023-2603 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. * CVE-2023-32700 An arbitrary code execution vulnerability was found in LuaTeX (TeX Live) that allows any document compiled with older versions of LuaTeX to execute arbitrary shell commands, even with shell escape disabled. Important Copyright 2025 Softline PJSC CVE-2023-32700 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. * CVE-2020-22219 A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwriter_grow_ function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder. Important Copyright 2025 Softline PJSC CVE-2020-22219 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. * CVE-2023-44488 A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library. * CVE-2023-5217 A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library. Important Copyright 2025 Softline PJSC CVE-2023-44488 CVE-2023-5217 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. * CVE-2022-2309 A NULL Pointer dereference vulnerability found in lxml, caused by the iterwalk function (also used by the canonicalize function). This flaw can lead to a crash when the incorrect parser input occurs together with usages. Moderate Copyright 2025 Softline PJSC CVE-2022-2309 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2022-24735 A flaw was found in the Redis database where Lua scripts can be manipulated to overcome ACL rules. This flaw allows an attacker with access to Redis to inject Lua code that executes the potentially higher privileges of another Redis user. * CVE-2022-24736 A flaw was found in the Redis database when a malformed Lua script can cause a NULL pointer dereference. This flaw allows an attacker to load a crafting script, which results in a crash of the redis-server process. Low Copyright 2025 Softline PJSC CVE-2022-24735 CVE-2022-24736 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. * CVE-2022-1122 A flaw was found in the opj2_decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. Low Copyright 2025 Softline PJSC CVE-2022-1122 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FriBidi is a library to handle bidirectional scripts (for example Hebrew, Arabic), so that the display is done in the proper way, while the text data itself is always written in logical order. * CVE-2022-25308 A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. * CVE-2022-25309 A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service. * CVE-2022-25310 A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2022-25308 CVE-2022-25309 CVE-2022-25310 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. * CVE-2024-11187 It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. * CVE-2024-12705 A flaw was found in BIND 9. By flooding a target resolver with HTTP/2 traffic and exploiting this flaw, an attacker could overwhelm the server, causing high CPU and/or memory usage and preventing other clients from establishing DoH connections. This issue could significantly impair the resolver's performance and effectively deny legitimate clients access to the DNS resolution service. Important Copyright 2025 Softline PJSC CVE-2024-11187 CVE-2024-12705 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-1009 An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1010 An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1011 A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1012 A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A race during concurrent delazification could have led to a use-after-free. * CVE-2025-1013 A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1014 Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1016 Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-1017 Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. * CVE-2025-0510 Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability affects Thunderbird < 128.7 and Thunderbird < 135. * CVE-2025-1015 The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For example, in the “Other” field of the Instant Messaging section. If another user imported the address book, clicking on the link could result in opening a web page inside Thunderbird, and that page could execute (unprivileged) JavaScript. This vulnerability affects Thunderbird < 128.7. Important Copyright 2025 Softline PJSC CVE-2025-0510 CVE-2025-1009 CVE-2025-1010 CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1015 CVE-2025-1016 CVE-2025-1017 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libsoup packages provide an HTTP client and server library for GNOME. * CVE-2024-52531 GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this. Important Copyright 2025 Softline PJSC CVE-2024-52531 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Threading Building Blocks (TBB) is a C++ runtime library that abstracts the low-level threading details necessary for optimal multi-core performance. * CVE-2020-11023 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. Moderate Copyright 2025 Softline PJSC CVE-2020-11023 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. * CVE-2024-52533 A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior. Moderate Copyright 2025 Softline PJSC CVE-2024-52533 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-56326 Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5. Important Copyright 2025 Softline PJSC CVE-2024-56326 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. * CVE-2024-53263 A flaw was found in the Git LFS git extension. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential(1) command without checking for embedded line-ending control characters and then sends any credentials it receives back from the Git credential helper to the remote host. By inserting URL-encoded control characters such as line feed (LF) or carriage return (CR) characters into the URL, an attacker may be able to retrieve a user's Git credentials. Important Copyright 2025 Softline PJSC CVE-2024-53263 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2024-11218 A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host. Important Copyright 2025 Softline PJSC CVE-2024-11218 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. * CVE-2019-12900 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. Moderate Copyright 2025 Softline PJSC CVE-2019-12900 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2024-11218 A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host. Important Copyright 2025 Softline PJSC CVE-2024-11218 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon (mariadbd) and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and utilities. * CVE-2023-22084 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21096 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. Moderate Copyright 2025 Softline PJSC CVE-2023-22084 CVE-2024-21096 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server (IPVS) kernel module providing layer-4 (transport layer) load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol (VRRPv2) to achieve high availability with director failover. * CVE-2024-41184 A flaw was found in the keepalived package. An integer overflow occurs when incorrect arguments are passed. As a result, reading from an undefined address takes place. Moderate Copyright 2025 Softline PJSC CVE-2024-41184 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gcc-toolset-14-gcc13 package contains the GNU Compiler Collection version 14. * CVE-2020-11023 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. Moderate Copyright 2025 Softline PJSC CVE-2020-11023 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-53104 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format. Important Copyright 2025 Softline PJSC CVE-2024-53104 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. * CVE-2024-12797 A flaw was found in OpenSSL's RFC7250 Raw Public Key (RPK) authentication. This vulnerability allows man-in-the-middle (MITM) attacks via failure to abort TLS/DTLS handshakes when the server's RPK does not match the expected key despite the SSL_VERIFY_PEER verification mode being set. Important Copyright 2025 Softline PJSC CVE-2024-12797 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gcc-toolset-13-gcc13 package contains the GNU Compiler Collection version 13. * CVE-2020-11023 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. Moderate Copyright 2025 Softline PJSC CVE-2020-11023 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Doxygen can generate an online class browser (in HTML) and/or a reference manual (in LaTeX) from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. * CVE-2020-11023 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. Moderate Copyright 2025 Softline PJSC CVE-2020-11023 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2025-1094 Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected. Important Copyright 2025 Softline PJSC CVE-2025-1094 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-52490 In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration. Moderate Copyright 2025 Softline PJSC CVE-2023-52490 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news. Security Fix * CVE-2025-1244 A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. Bug Fix * Eliminate use of obsolete %patchN syntax. Important Copyright 2025 Softline PJSC CVE-2025-1244 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. * CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. * CVE-2024-5535 A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called with a zero-length client list. This issue is only exploitable if the application is misconfigured to use a zero-length server list and mishandles the 'no overlap' response in ALPN or uses the output as the opportunistic protocol in NPN. * CVE-2024-11053 When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password. * CVE-2024-21193 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21194 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21196 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21197 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21198 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21199 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21201 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21203 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21212 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supported versions that are affected are 8.0.39 and prior and 8.4.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21213 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21218 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21219 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21230 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21231 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2024-21236 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21237 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2024-21238 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.1 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21239 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21241 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2024-21247 Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. * CVE-2024-7264 A flaw was found in libcurl, where libcurl's ASN1 parser code has the GTime2str() function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the time fraction, leading to a strlen() performed on a pointer to a heap buffer area that is not purposely NULL terminated. * CVE-2025-21490 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21491 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21494 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21497 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-21500 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21501 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21503 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21504 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21505 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21518 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21519 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21520 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. * CVE-2025-21521 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21522 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21523 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21525 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21529 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21531 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21534 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Performance Schema). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21536 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21540 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. * CVE-2025-21543 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21546 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. * CVE-2025-21555 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-21559 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. Important Copyright 2025 Softline PJSC CVE-2024-11053 CVE-2024-21193 CVE-2024-21194 CVE-2024-21196 CVE-2024-21197 CVE-2024-21198 CVE-2024-21199 CVE-2024-21201 CVE-2024-21203 CVE-2024-21212 CVE-2024-21213 CVE-2024-21218 CVE-2024-21219 CVE-2024-21230 CVE-2024-21231 CVE-2024-21236 CVE-2024-21237 CVE-2024-21238 CVE-2024-21239 CVE-2024-21241 CVE-2024-21247 CVE-2024-37371 CVE-2024-5535 CVE-2024-7264 CVE-2025-21490 CVE-2025-21491 CVE-2025-21494 CVE-2025-21497 CVE-2025-21500 CVE-2025-21501 CVE-2025-21503 CVE-2025-21504 CVE-2025-21505 CVE-2025-21518 CVE-2025-21519 CVE-2025-21520 CVE-2025-21521 CVE-2025-21522 CVE-2025-21523 CVE-2025-21525 CVE-2025-21529 CVE-2025-21531 CVE-2025-21534 CVE-2025-21536 CVE-2025-21540 CVE-2025-21543 CVE-2025-21546 CVE-2025-21555 CVE-2025-21559 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. * CVE-2024-11187 It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. Important Copyright 2025 Softline PJSC CVE-2024-11187 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2024-54543 The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption. * CVE-2025-24143 The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user. * CVE-2025-24150 A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection. * CVE-2025-24158 The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service. * CVE-2025-24162 This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash. Important Copyright 2025 Softline PJSC CVE-2024-54543 CVE-2025-24143 CVE-2025-24150 CVE-2025-24158 CVE-2025-24162 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-1930 On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. * CVE-2025-1931 It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. * CVE-2025-1932 A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. * CVE-2025-1933 On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. * CVE-2025-1934 A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. * CVE-2025-1935 A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. * CVE-2025-1936 jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension disguised as something else like an image. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. * CVE-2025-1937 Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. * CVE-2025-1938 Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. Important Copyright 2025 Softline PJSC CVE-2025-1930 CVE-2025-1931 CVE-2025-1932 CVE-2025-1933 CVE-2025-1934 CVE-2025-1935 CVE-2025-1936 CVE-2025-1937 CVE-2025-1938 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. * CVE-2025-26594 A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. * CVE-2025-26595 A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size. * CVE-2025-26596 A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow. * CVE-2025-26597 A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size. * CVE-2025-26598 An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access. * CVE-2025-26599 An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later. * CVE-2025-26600 A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free. * CVE-2025-26601 A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers. Important Copyright 2025 Softline PJSC CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. * CVE-2024-52804 Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue. Important Copyright 2025 Softline PJSC CVE-2024-52804 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2025-24201 An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.). Important Copyright 2025 Softline PJSC CVE-2025-24201 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. * CVE-2025-0624 A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections. Important Copyright 2025 Softline PJSC CVE-2025-0624 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-1937 Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. * CVE-2025-1938 Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 136, Firefox ESR < 128.8, Thunderbird < 136, and Thunderbird < 128.8. Important Copyright 2025 Softline PJSC CVE-2025-1937 CVE-2025-1938 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-52619 In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number. * CVE-2023-52622 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg. * CVE-2023-52648 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state. * CVE-2023-52662 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node. * CVE-2023-52679 In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in of_parse_phandle_with_args_map. * CVE-2023-52730 In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths. * CVE-2023-52756 In the Linux kernel, the following vulnerability has been resolved: pwm: Fix double shift bug. * CVE-2023-52762 In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtio_max_dma_size. * CVE-2023-52775 In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid data corruption caused by decline. * CVE-2023-52784 In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave(). * CVE-2023-52791 In the Linux kernel, the following vulnerability has been resolved: i2c: core: Run atomic i2c xfer when !preemptible. * CVE-2023-52811 In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool. * CVE-2023-52834 In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue. * CVE-2024-25739 A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB size is smaller than a single volume table record. This issue can result in a denial of service. * CVE-2024-26614 In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once. * CVE-2024-26660 A vulnerability was found in the DRM/AMD/Display module of the Linux Kernel. An out-of-bounds access exists in the 'stream_enc_regs' array within DCN301, while accessing the array with 'eng_id,’ could lead to an out-of-bounds access beyond its four-element size, which can cause a system crash. * CVE-2024-26669 In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload. * CVE-2024-26686 In the Linux kernel, the following vulnerability has been resolved: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats lock_task_sighand() can trigger a hard lockup. If NR_CPUS threads call do_task_stat() at the same time and the process has NR_THREADS, it will spin with irqs disabled O(NR_CPUS * NR_THREADS) time. Change do_task_stat() to use sig->stats_lock to gather the statistics outside of ->siglock protected section, in the likely case this code will run lockless. * CVE-2024-26704 In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len. * CVE-2024-26733 In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). * CVE-2024-26740 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress. * CVE-2024-26772 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal(). Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a corrupted block bitmap. * CVE-2024-26837 In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload. * CVE-2024-26840 In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache(). * CVE-2024-26843 In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size. md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region. * CVE-2024-26870 In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102. * CVE-2024-26878 In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_off drop_dquot_ref remove_dquot_ref dquots = i_dquot(inode) dquots = i_dquot(inode) srcu_read_lock dquots[cnt]) != NULL (1) dquots[type] = NULL (2) spin_lock(&dquots[cnt]->dq_dqb_lock) (3) .... If dquot_free_inode(or other routines) checks inode's quota pointers (1) before quota_off sets it to NULL(2) and use it (3) after that, NULL pointer dereference will be triggered. So let's fix it by using a temporary pointer to avoid this issue. * CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be released. This affects skb fragments reassembled via netfilter or similar modules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline. * CVE-2024-26940 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed. The driver creates /sys/kernel/debug/dri/0/mob_ttm even when the corresponding ttm_resource_manager is not allocated. This leads to a crash when trying to read from this file. Add a check to create mob_ttm, system_mob_ttm, and gmr_ttm debug file only when the corresponding ttm_resource_manager is allocated. * CVE-2024-26958 In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes. * CVE-2024-26960 In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff(). * CVE-2024-27010 In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. * CVE-2024-27011 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path. The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element + delete set from the abort path could result in restoring twice the refcount of the mapping. * CVE-2024-27025 In the Linux kernel, the following vulnerability has been resolved: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code. * CVE-2024-27395 In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit. Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe. * CVE-2024-31076 In the Linux kernel, the following vulnerability has been resolved: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline. * CVE-2024-35801 In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD. * CVE-2024-35807 In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize. * CVE-2024-35810 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix the lifetime of the bo cursor memory. The cleanup can be dispatched while the atomic update is still active, which means that the memory acquired in the atomic update needs to not be invalidated by the cleanup. The buffer objects in vmw_plane_state instead of using the builtin map_and_cache were trying to handle the lifetime of the mapped memory themselves, leading to crashes. Use the map_and_cache instead of trying to manage the lifetime of the buffer objects held by the vmw_plane_state. Fixes kernel oops'es in IGT's kms_cursor_legacy forked-bo. * CVE-2024-35814 In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling. * CVE-2024-35824 In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume. * CVE-2024-35847 In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error. The error handling path in its_vpe_irq_domain_alloc() causes a double free when its_vpe_init() fails after successfully allocating at least one interrupt. This happens because its_vpe_irq_domain_free() frees the interrupts along with the area bitmap and the vprop_page and its_vpe_irq_domain_alloc() subsequently frees the area bitmap and the vprop_page again. Fix this by unconditionally invoking its_vpe_irq_domain_free() which handles all cases correctly and by removing the bitmap/vprop_page freeing from its_vpe_irq_domain_alloc(). * CVE-2024-35876 In the Linux kernel, the following vulnerability has been resolved: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank(). * CVE-2024-35900 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject new basechain after table flag update. When dormant flag is toggled, hooks are disabled in the commit phase by iterating over current chains in table (existing and new). * CVE-2024-35912 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: rfi: fix potential response leaks. If the rx payload length check fails, or if kmemdup() fails, we still need to free the command response. * CVE-2024-35924 In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Limit read size on v1.2. Between UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was increased from 16 to 256. In order to avoid overflowing reads for older systems, add a mechanism to use the read UCSI version to truncate read sizes on UCSI v1.2. * CVE-2024-35925 In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blk_rq_stat_sum(). The expression dst->nr_samples + src->nr_samples may have zero value on overflow. It is necessary to add a check to avoid division by zero. * CVE-2024-35930 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc(). The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is not called, and thus the elsiocb resource is leaked. Check return value after calling lpfc_sli4_resume_rpi() and conditionally release the elsiocb resource. * CVE-2024-35938 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB. Currently buf_len field of ath11k_mhi_config_qca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenarios where system memory is highly fragmented and memory compaction or reclaim is not allowed. * CVE-2024-35946 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix null pointer access when abort scan. During cancel scan we might use vif that weren't scanning. Fix this by using the actual scanning vif. * CVE-2024-35947 In the Linux kernel, the following vulnerability has been resolved: dyndbg: fix old BUG_ON in >control parser. * CVE-2024-35952 In the Linux kernel, the following vulnerability has been resolved: drm/ast: Fix soft lockup. There is a while-loop in ast_dp_set_on_off() that could lead to infinite-loop. This is because the register, VGACRI-Dx, checked in this API is a scratch register actually controlled by a MCU, named DPMCU, in BMC. * CVE-2024-36006 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage. * CVE-2024-36010 In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igb_set_fw_version. * CVE-2024-36896 In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal. * CVE-2024-36905 In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets. * CVE-2024-36917 In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard(). There is no check for overflow of 'start + len' in blk_ioctl_discard(). * CVE-2024-36927 In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in __ip_make_skb(). * CVE-2024-36933 In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). * CVE-2024-36940 In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable(). The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). It's a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys the mutex as well. * CVE-2024-36945 In the Linux kernel, the following vulnerability has been resolved: net/smc: fix neighbour and rtable leak in smc_ib_find_route(). * CVE-2024-36960 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events. Correctly set the length of the drm_event to the size of the structure that's actually used. * CVE-2024-38555 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Discard command completions in internal error. Fix use after free when FW completion arrives while device is in internal error state. Avoid calling completion handler in this case, since the device will flush the command interface and trigger all completions manually. * CVE-2024-38596 In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg. A data-race condition has been identified in af_unix. In one data path, the write function unix_release_sock() atomically writes to sk->sk_shutdown using WRITE_ONCE. However, on the reader side, unix_stream_sendmsg() does not read it atomically. Consequently, this issue is causing the following KCSAN splat to occur. * CVE-2024-38598 In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size. * CVE-2024-39276 In the Linux kernel, the following vulnerability has been resolved: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find(). * CVE-2021-47495 In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket. * CVE-2023-52464 In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access. * CVE-2023-52560 In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions(). * CVE-2023-52615 In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng. * CVE-2023-52703 In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path. * CVE-2023-52813 In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET. * CVE-2023-52878 In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds. * CVE-2024-26656 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug. * CVE-2024-26675 In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K. * CVE-2024-26759 In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache. * CVE-2024-26906 In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault(). * CVE-2024-26907 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment. * CVE-2024-27410 In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change. * CVE-2024-35835 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a double-free in arfs_create_groups. * CVE-2024-35838 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential sta-link leak. * CVE-2024-35853 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash. * CVE-2024-35854 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash. * CVE-2024-35855 In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update. * CVE-2024-35888 In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb->head. * CVE-2024-35959 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix mlx5e_priv_init() cleanup flow. * CVE-2023-52686 In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init(). * CVE-2019-25162 In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free. * CVE-2021-47185 In the Linux kernel, the following vulnerability has been resolved: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc. * CVE-2023-52445 In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection. * CVE-2023-52477 In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to uninitialized BOS descriptors. * CVE-2023-52513 In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling. * CVE-2023-52520 In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix reference leak. * CVE-2023-52528 In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg. * CVE-2023-52565 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read. * CVE-2023-52594 In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus(). * CVE-2023-52595 In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: restart beacon queue when hardware reset. * CVE-2024-0340 A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. * CVE-2024-23307 Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. * CVE-2024-26603 In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer. * CVE-2024-26664 In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Fix out-of-bounds memory access. * CVE-2024-26743 In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow. * CVE-2024-26744 In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srpt_service_guid parameter. * CVE-2024-26872 In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup. * CVE-2024-26892 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq(). * CVE-2024-26901 In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak. * CVE-2024-26933 In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port "disable" sysfs attribute. * CVE-2024-26934 In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface(). * CVE-2024-26964 In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Add error handling in xhci_map_urb_for_dma. * CVE-2024-26973 In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles. * CVE-2024-27014 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS. * CVE-2024-27048 In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmk_op allocation failure. * CVE-2022-48669 In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fix potential memleak in papr_get_attr(). * CVE-2023-52606 In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations. * CVE-2021-47101 In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read(). * CVE-2021-47384 In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field. * CVE-2021-47386 In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field. * CVE-2021-47432 In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek(). * CVE-2021-47497 In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells. * CVE-2022-48804 In the Linux kernel, the following vulnerability has been resolved: vt_ioctl: fix array_index_nospec in vt_setactivate. * CVE-2023-52683 In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow. * CVE-2023-52817 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL. * CVE-2023-52840 In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function(). * CVE-2024-23848 In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. * CVE-2024-26645 In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map. * CVE-2024-26717 In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid-of: fix NULL-deref on failed power up. * CVE-2024-26894 In the Linux kernel, the following vulnerability has been resolved: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit(). * CVE-2024-26939 In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race. * CVE-2024-27013 In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal packet received by tun dev. * CVE-2024-27042 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'. * CVE-2024-35809 In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal. * CVE-2024-35877 In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: fix VM_PAT handling in COW mappings. * CVE-2024-35944 In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host(). * CVE-2024-36901 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output(). * CVE-2024-36902 In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action(). * CVE-2024-36920 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING. * CVE-2024-36939 In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). * CVE-2024-38581 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue. * CVE-2024-39471 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add error handle to avoid out-of-bounds. * CVE-2024-39499 In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver(). * CVE-2024-40901 In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory. * CVE-2024-40988 In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix UBSAN warning in kv_dpm.c. * CVE-2024-40989 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown. * CVE-2024-40997 In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit. * CVE-2024-41007 In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets. * CVE-2024-41008 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: change vm->task_info handling. * CVE-2024-41012 In the Linux kernel, the following vulnerability has been resolved: filelock: Remove locks reliably when fcntl/close race is detected. * CVE-2024-41038 In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers. * CVE-2024-41056 In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files. * CVE-2024-41060 In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bo_va->bo is non-NULL before using it. * CVE-2024-42090 In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER. * CVE-2024-42114 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values. * CVE-2024-42124 In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedf_execute_tmf() non-preemptible. * CVE-2024-42154 In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length. * CVE-2024-42226 In the Linux kernel, the following vulnerability has been resolved: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB. * CVE-2024-42228 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc. * CVE-2024-42237 In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block. * CVE-2024-42238 In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return error if block header overflows file. * CVE-2024-42240 In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation. * CVE-2024-26638 In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely. * CVE-2024-26846 In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module. * CVE-2024-41065 In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace. * CVE-2024-43830 In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate(). * CVE-2023-52492 Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the channel unregistration function. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-24857 Linux Kernel is vulnerable to a denial of service, caused by a race condition in the conn_info_{min,max}_age_set() function in net/bluetooth. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause bluetooth connection abnormality or a denial of service condition. * CVE-2024-26924 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element. * CVE-2024-26976 In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async #PF workqueue when vCPU is being destroyed. * CVE-2024-27017 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure is to be used. Add notation to specify if user wants to read/update the set. Based on patch from Florian Westphal. * CVE-2024-27062 A flaw was found in the nouveau module in the Linux kernel. A missing resource lock can cause a race condition and trigger a general protection fault, resulting in a denial of service. * CVE-2024-35939 In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure. * CVE-2024-39503 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type. * CVE-2024-40924 In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Make DPT object unshrinkable * CVE-2024-41042 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prefer nft_chain_validate nft_chain_validate already performs loop detection because a cycle will result in a call stack overflow. * CVE-2024-41092 In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers. * CVE-2024-41093 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid using null object of framebuffer. * CVE-2024-42070 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers. * CVE-2024-42301 In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk. * CVE-2024-43892 In the Linux kernel, the following vulnerability has been resolved: memcg: protect concurrent access to mem_cgroup_idr. * CVE-2020-10135 A flaw was discovered in the Bluetooth protocol affecting the Bluetooth BR/EDR authentication. An attacker with physical access to the Bluetooth connection could perform a spoofing attack impersonating the address of a previously paired remote device. This attack may result in the attacking device completing the authentication procedure successfully despite not possessing the link key. This flaw, in turn, could permit an attacker to initiate the Bluetooth Key Negotiation (KNOB) attack more efficiently, potentially gaining full access as the remote paired device. * CVE-2021-47098 In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations. * CVE-2021-47428 In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: fix program check interrupt emergency stack path. * CVE-2021-47429 In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix unrecoverable MCE calling async handler from NMI. * CVE-2021-47454 A vulnerability was found in the Linux kernel's powerpc/smp architecture, where the idle task's preemption count was incorrectly decremented during the CPU offline process. This issue caused a "scheduling while atomic" error when a CPU was offlined and then onlined again, leading to potential system instability. * CVE-2021-47457 In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotp_sendmsg(): add result check for wait_event_interruptible(). * CVE-2021-47505 In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE. * CVE-2022-48672 In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes(). * CVE-2022-48703 A flaw was found in the Linux kernel in the thermal/int340x_thermal driver. This issue occurs when the Global Device Data Vault (GDDV) returns a zero-length buffer, causing the kmemdup() function to return a ZERO_SIZE_PTR (0x10), leading to a NULL pointer dereference in data_vault_read(), potentially causing a kernel crash. The issue has been fixed by adding checks for ZERO_SIZE_PTR or NULL using the ZERO_OR_NULL_PTR() macro. * CVE-2022-48929 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btf_ids. * CVE-2023-52451 In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array. * CVE-2023-52455 A flaw was found in the Linux kernel. When the bootloader/firmware does not set up the framebuffers, the address and size are 0 in the "iommu-addresses" property. If the IOVA region is reserved with a 0 length, it corrupts the IOVA rbtree with an entry that has pfn_hi < pfn_lo. If the intent is to use the display driver in the kernel without the framebuffer, it causes the display IOMMU mappings to fail, as an entire valid IOVA space is reserved when the address and length are passed as 0. An ideal solution would be for the firmware to remove the "iommu-addresses" property and the corresponding "memory-region" if the display is not present. The kernel should be able to handle this by checking the size of the IOVA region and skipping the IOVA reservation if its size is 0. Also, add a warning if the firmware is requesting a 0-length IOVA region reservation. * CVE-2023-52462 A flaw was found in the Linux kernel. When the register is spilled onto a stack as a 1/2/4-byte register, the slot_type[BPF_REG_SIZE - 1] is set, possibly including a few more below it, depending on the actual spill size. To confirm if some stack slots have a spilled register, consult slot_type[7], not slot_type[0]. To avoid the need to remember and double-check this in the future, use the is_spilled_reg() helper. * CVE-2023-52466 An out-of-bounds read flaw was found in pci_dev_for_each_resource() in the Linux Kernel. The pointer in the pci_dev_for_each_resource() may be wrong. For example, it might be used for the out-of-bounds read. This issue was identified by the Coverity static analysis tool, which flagged a pointer (res) that could be used incorrectly, potentially leading to accessing memory outside its bounds. * CVE-2023-52467 A vulnerability was found in the Linux kernel, where A NULL pointer dereference flaw may occur in _syscon_register(). In this issue, kasprintf() returns a pointer to dynamically allocated memory, which can be NULL upon failure. * CVE-2023-52473 This is a security vulnerability in the Linux kernel, specifically within the thermal management subsystem. This vulnerability is a NULL pointer dereference that occurs in the thermal_zone_device_register_with_trips() function during the thermal zone registration error path. This issue can cause crashes and system instability. * CVE-2023-52475 A use-after-free flaw was found in powermate_config_complete in drivers/input/misc/powermate.c in the Linux kernel. This issue may allow an attacker to crash the system at device disconnect, possibly leading to a kernel information leak problem. * CVE-2023-52482 A vulnerability was found in the Linux kernel, where the Hygon x86 processor is susceptible to a speculative return stack overflow. * CVE-2023-52498 A flaw was found in the Linux Kernel. In low-memory situations, there is a possibility of a code deadlock that may lead to a hang. * CVE-2023-52501 In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not attempt to read past "commit". * CVE-2023-52585 A vulnerability was found in the amdgpu_ras_query_error_status_helper() function in the Linunx kernel which could lead to a possible NULL pointer dereference, causing data corruption or crashes. * CVE-2023-52614 In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show. * CVE-2023-52621 In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers. * CVE-2023-52624 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands. * CVE-2023-52625 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface. * CVE-2023-52632 In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu. * CVE-2023-52634 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disable_otg_wa logic. * CVE-2023-52635 A flaw was found in the Linux kernel resulting from race conditions and a lack of synchronization in handling the delayed work timers in the devfreq component. This issue can lead to inconsistencies and a corruption of the timer list. * CVE-2023-52637 In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER). * CVE-2023-52643 In the Linux kernel, the following vulnerability has been resolved: iio: core: fix memleak in iio_device_register_sysfs When iio_device_register_sysfs_group() fails, we should free iio_dev_opaque->chan_attr_group.attrs to prevent potential memleak. * CVE-2023-52649 An array read overflow vulnerability was found in drivers/gpu/drm/vkms/vkms_composer.c in the Linux kernel. This issue may lead to a crash. * CVE-2023-52650 In the Linux kernel, the following vulnerability has been resolved: drm/tegra: dsi: Add missing check for of_find_device_by_node Add check for the return value of of_find_device_by_node() and return the error if it fails in order to avoid NULL pointer dereference. * CVE-2023-52656 A flaw was found in the Linux kernel that addresses the removal of dead code related to SCM_RIGHTS support within the io_uring. This code was deemed unnecessary after the kernel dropped the ability to pass io_uring file descriptors over SCM_RIGHTS. The vulnerability was assigned CVE status due to removing this code, which was part of a cleanup process following the resolution of a previous CVE (CVE-2023-52654). * CVE-2023-52659 A vulnerability in the Linux kernel affected the x86/mm code, specifically in the pfn_to_kaddr() macro. The issue arises when the macro does not correctly handle input as a 64-bit type, causing crashes on 64-bit platforms, especially for SEV-SNP guests, when processing addresses above the 1TB range. * CVE-2023-52661 In the Linux kernel, the following vulnerability has been resolved: drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() If clk_get_sys(..., "pll_d2_out0") fails, the clk_get_sys() call must be undone. Add the missing clk_put and a new 'put_pll_d_out0' label in the error handling path, and use it. * CVE-2023-52663 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() Driver uses kasprintf() to initialize fw_{code,data}_bin members of struct acp_dev_data, but kfree() is never called to deallocate the memory, which results in a memory leak. Fix the issue by switching to devm_kasprintf(). Additionally, ensure the allocation was successful by checking the pointer validity. * CVE-2023-52664 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aq_ring_free could be called multiple times on same ring, if system is under stress and got memory allocation error. Ring pointer was used as an indicator of failure, but this is not correct since only ring data is allocated/deallocated. Ring itself is an array member. Changing ring allocation functions to return error code directly. This simplifies error handling and eliminates aq_ring_free on higher layer. * CVE-2023-52674 In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_values[]. * CVE-2023-52676 In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow. * CVE-2023-52680 In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to *_ctl_get() The *_ctl_get() functions which call scarlett2_update_*() were not checking the return value. Fix to check the return value and pass to the caller. * CVE-2023-52689 In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing mutex lock around get meter levels As scarlett2_meter_ctl_get() uses meter_level_map[], the data_mutex should be locked while accessing it. * CVE-2023-52690 In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to avoid memory leaks. * CVE-2023-52696 In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_powercap_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. * CVE-2023-52697 In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL sof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of them use the same dai name. For example, rt712 and rt713 both use "rt712-sdca-aif1" and sof_sdw_rt_sdca_jack_exit(). As a result, sof_sdw_rt_sdca_jack_exit() will be called twice by mc_dailink_exit_loop(). Set ctx->headset_codec_dev = NULL; after put_device(ctx->headset_codec_dev); to avoid ctx->headset_codec_dev being put twice. * CVE-2023-52698 In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlbl_calipso_add_pass(). * CVE-2023-52731 In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix invalid page access after closing deferred I/O devices. * CVE-2023-52740 In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch. * CVE-2023-52749 In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend. * CVE-2023-52751 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound(). * CVE-2023-52757 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids. * CVE-2023-52758 In the Linux kernel, the following vulnerability has been resolved: i2c: dev: copy userspace array safely. i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check. Use the new wrapper memdup_array_user() to copy the array more safely. * CVE-2023-52788 In the Linux kernel, the following vulnerability has been resolved: i915/perf: Fix NULL deref bugs with drm_dbg() calls When i915 perf interface is not available dereferencing it will lead to NULL dereferences. As returning -ENOTSUPP is pretty clear return when perf interface is not available. * CVE-2023-52814 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential null pointer derefernce The amdgpu_ras_get_context may return NULL if device not support ras feature, so add check before using. * CVE-2023-52819 In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays. * CVE-2023-52831 In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU. * CVE-2023-52833 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Add date->evt_skb is NULL check fix crash because of null pointers. * CVE-2023-52837 In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open. * CVE-2023-52859 In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allocated. The error handing will call cpuhp_state_remove_instance() to call uncore pmu offline callback, which migrate the pmu context. Since that's liable to lead to some kind of use-after-free. Use cpuhp_state_remove_instance_nocalls() instead of cpuhp_state_remove_instance() so that the notifiers don't execute after the PMU device has been failed to register. * CVE-2023-52867 In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6 could overflow, since index 'afmt_idx' is checked after access. * CVE-2023-52869 In the Linux kernel, the following vulnerability has been resolved: pstore/platform: Add check for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. * CVE-2023-52902 In the Linux kernel, the following vulnerability has been resolved: nommu: fix memory leak in do_mmap() error path The preallocation of the maple tree nodes may leak if the error path to "error_just_free" is taken. Fix this by moving the freeing of the maple tree nodes to a shared location for all error paths. * CVE-2024-1151 A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues. * CVE-2024-22099 A NULL pointer dereference vulnerability was found in the Linux kernel in rfcomm_check_security. This issue may lead to buffer overflows. * CVE-2024-24858 A race condition flaw was found in the Linux kernel's net/bluetooth, specifically in the {conn,adv}_{min,max}_interval_set() function, which may disrupt I2cap connections, possibly causing a denial of service. This flaw allows an attacker to disrupt Bluetooth connections, leading to a potential denial of service. * CVE-2024-24859 A race condition vulnerability was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This issue can result in a Bluetooth sniffing exception issue, possibly leading to denial of service. * CVE-2024-26589 In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. * CVE-2024-26591 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach. * CVE-2024-26601 A flaw was found in the Linux kernel's ext4 filesystem related to the fast commit replay process. During this process, blocks that are already marked as free can be incorrectly marked as free again, leading to the corruption of the buddy bitmap, which is used to track free and allocated blocks. This corruption can result in filesystem inconsistencies and potential data loss. The issue is resolved by reintroducing the mb_regenerate_buddy() function, which regenerates the buddy bitmap to ensure its integrity. * CVE-2024-26605 A flaw was found in the Linux kernel, where a deadlock scenario was triggered when enabling Active State Power Management (ASPM) during the probe of Qualcomm PCIe controllers. This deadlock was identified by lockdep and stemmed from a recursive locking scenario. This issue occurred when a task attempted to acquire a lock already held by another task, leading to a deadlock situation. The deadlock could be reproduced on certain machines, such as the Lenovo ThinkPad X13s, by intentionally delaying operations to increase the race window during asynchronous probes, allowing another thread to take a write lock. * CVE-2024-26611 In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP. * CVE-2024-26612 In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). Check first, then dereference. * CVE-2024-26618 In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit sme_alloc() early with existing storage When sme_alloc() is called with existing storage and we are not flushing we will always allocate new storage, both leaking the existing storage and corrupting the state. Fix this by separating the checks for flushing and for existing storage as we do for SVE. Callers that reallocate (eg, due to changing the vector length) should call sme_free() themselves. * CVE-2024-26631 In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work idev->mc_ifc_count can be written over without proper locking. * CVE-2024-26641 In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv(). * CVE-2024-26646 In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM. * CVE-2024-26650 A deadlock issue was identified in the Linux kernel within the platform/x86 P2SB subsystem. The issue arises when the p2sb_bar() function, used to unhide the P2SB device for resource retrieval, locks pci_rescan_remove_lock during PCI device probing. If a PCI bus rescan is triggered (e.g., via /sys/bus/pci/rescan), it can lead to a deadlock when the rescan also locks pci_rescan_remove_lock and probes devices that call p2sb_bar(). This deadlock could cause a system hang or unresponsiveness during PCI bus rescans or device probing, affecting system stability. * CVE-2024-26661 A NULL pointer dereference flaw was found in the Linux kernel in dcn21_set_pipe(). This issue may lead to a crash. * CVE-2024-26662 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()' 'panel_cntl' structure used to control the display panel could be null, dereferencing it could lead to a null pointer access. * CVE-2024-26663 In the Linux kernel, the following vulnerability has been resolved: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add(). * CVE-2024-26670 A vulnerability was found in the Linux kernel. This issue occurs due to the incorrect placement of the TLBI and DSB instructions, which are not placed after all explicit memory accesses, creating the potential for speculative unprivileged loads. * CVE-2024-26672 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()'. * CVE-2024-26674 In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups. * CVE-2024-26678 In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section. * CVE-2024-26679 In the Linux kernel, the following vulnerability has been resolved: inet: read sk->sk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6_ADDRFORM socket option and trigger a KCSAN warning. * CVE-2024-26680 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: Fix DMA mapping for PTP hwts ring. * CVE-2024-26691 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquires the kvm->lock while already holding the vcpu->mutex lock from kvm_vcpu_ioctl(). Avoid the circular locking dependency altogether by protecting the hyp vm handle with the config_lock, much like we already do for other forms of VM-scoped data. * CVE-2024-26700 The CVE Program describes this issue as: In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV. * CVE-2024-26707 A vulnerability in the Linux kernel affects the High-availability Seamless Redundancy (HSR) protocol. The issue was identified when a warning (WARN_ONCE()) was triggered due to failed resource allocation for skb in the hsr_init_skb() function. The WARN_ONCE() was initially used to log this failure, but it was not deemed helpful in resolving it. Instead, the kernel maintainers switched to using netdev_warn_once() to better handle the failure and avoid excessive warning reports. * CVE-2024-26708 A vulnerability was found in the subflow_simultaneous_connect() function in the mptcp component in the Linux kernel, where not all possible subflow states are evaluated, leading to a potential race condition. This issue could lead to undefined network behavior. * CVE-2024-26712 In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment. * CVE-2024-26719 In the Linux kernel, the following vulnerability has been resolved: nouveau: offload fence uevents work to workqueue This should break the deadlock between the fctx lock and the irq lock. This offloads the processing off the work from the irq into a workqueue. * CVE-2024-26725 A vulnerability was found in the Linux kernel, where an ABBA deadlock condition may be created if multiple CPUs attempt a DPLL netlink dump operation simultaneously. This deadlock could lead to performance issues. * CVE-2024-26746 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIG_HARDENED_USERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. * CVE-2024-26757 In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in md_check_recovery(). * CVE-2024-26758 In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery(). * CVE-2024-26761 In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL. * CVE-2024-26767 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer dereference before null check. * CVE-2024-26774 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by zero when the block bitmap is corrupted. * CVE-2024-26782 In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle when MPTCP server accepts an incoming connection, it clones its listener socket. * CVE-2024-26785 A protection fault vulnerability was found in the iommufd subsystem of the Linux kernel. This flaw could lead to unexpected behavior or system instability. * CVE-2024-26786 In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix iopt_access_list_id overwrite bug. * CVE-2024-26803 In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both features use the same NAPI machinery. * CVE-2024-26812 An interrupt handling flaw was found in the Linux kernel’s PCI core device driver. This flaw allows a local user to potentially crash the system. * CVE-2024-26815 In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check taprio_parse_tc_entry() is not correctly checking TCA_TAPRIO_TC_ENTRY_INDEX attribute: int tc; //. * CVE-2024-26835 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active but no registered hooks. On table/base chain deletion, nf_tables will attempt to unregister the hook again which yields a warn splat from the nftables core. * CVE-2024-26838 In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet. * CVE-2024-26857 In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneve_rx(). * CVE-2024-26861 In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receiving_counter.counter. * CVE-2024-26862 In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt(). * CVE-2024-26863 In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node() KMSAN reported the following uninit-value access issue. * CVE-2024-26882 In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv(). * CVE-2024-26889 A buffer overflow flaw was found in struct hci_dev_info in the variable name[8] in the Linkkux Kernel. If an attacker crafts an exploit copying more than the size of the name[8], it results in a buffer overflow and a denial of service. * CVE-2024-26890 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: fix out of bounds memory access. * CVE-2024-26899 A flaw was found in the Linux kernel, where a deadlock can occur between bd_link_disk_holder and partition scan. * CVE-2024-26900 A memory leak flaw was found in rdev->serial in the Linux kernel. This issue may lead to a crash. * CVE-2024-26903 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security. * CVE-2024-26915 A flaw was found in the Linux kernel. The IH OVERFLOW_CLEAR bit was not reset. * CVE-2024-26920 In the Linux kernel, the following vulnerability has been resolved: tracing/trigger: Fix to return error if failed to alloc snapshot Fix register_snapshot_trigger() to return error code if it failed to allocate a snapshot instead of 0 (success). Unless that, it will register snapshot trigger without an error. * CVE-2024-26922 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place. * CVE-2024-26927 A flaw was found in the Linux kernel. The following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data. * CVE-2024-26928 A flaw was found in the Linux kernel. The following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show(). * CVE-2024-26937 A flaw was found in the i915 module in the Linux kernel. Under some conditions, an assertion failure can be triggered and cause a denial of service. * CVE-2024-26938 In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode(). * CVE-2024-26950 In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer. * CVE-2024-26951 In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list. * CVE-2024-26953 In the Linux kernel, the following vulnerability has been resolved: net: esp: fix bad handling of pages from page_pool. * CVE-2024-26962 In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape. * CVE-2024-26975 In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix a NULL pointer dereference. * CVE-2024-26984 A flaw was found in the nouveau module in the Linux kernel. In some conditions, a race condition can cause a NULL pointer dereference, resulting in a denial of service. * CVE-2024-26987 In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled. * CVE-2024-26988 A static_command_line memory overflow was found in the Linux kernel. This issue may cause a crash. * CVE-2024-26989 In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3 translation fault in swsusp_save(). * CVE-2024-26990 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status. * CVE-2024-26992 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS. * CVE-2024-27003 In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clk_summary. * CVE-2024-27004 In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree during disable_unused. * CVE-2024-27012 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails. * CVE-2024-27015 In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow table lookup, so pppoe packets enter the classical forwarding path. * CVE-2024-27023 In the Linux kernel, the following vulnerability has been resolved: md: Fix missing release of 'active_io' for flush submit_flushes atomic_set. * CVE-2024-27038 In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_core_get NULL dereference. * CVE-2024-27057 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend. * CVE-2024-27079 In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release. * CVE-2024-27389 In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only d_invalidate() is needed. * CVE-2024-27404 A race condition vulnerability was found in the Linux kernel remote_id function. Successful exploitation of the flaw can result in loss of system availability. * CVE-2024-27414 In the Linux kernel, the following vulnerability has been resolved: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back. * CVE-2024-27431 In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program. * CVE-2024-27436 In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array. * CVE-2024-27437 An incorrect handling flaw was found in the Linux kernel framework for secure userspace device drivers functionality that may interrupt some of the devices. This issue could allow a local user to crash the system. * CVE-2024-35787 A security vulnerability was identified in the Linux kernel's MD (Multiple Device) subsystem, specifically within the bitmap handling code for clustered environments. The issue arises from incorrect usage of the sb_index field, leading to potential system crashes in clustered configurations. * CVE-2024-35794 A hang flaw was found in the Linux kernel’s Raid (MD) subsystem. This flaw allows a local user to crash the system. * CVE-2024-35795 A flaw was found in the drm/amdgpu subsystem in the Linux kernel, involving a deadlock occurring when reading the Memory Queue Descriptor (MQD) from debugfs. This issue could cause the system to hang during debug operations. * CVE-2024-35805 In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix this by adding "cond_resched" to the loop that frees the exceptions. * CVE-2024-35808 A flaw was found in the md/dm-raid subsystem in the Linux kernel. If md_reap_sync_thread() is called directly, it could lead to potential misuse or system instability. * CVE-2024-35812 A vulnerability was found in the USB Communication Device Class - Wireless Data Modem (CDC-WDM) driver in the Linux Kernel, leading to a race condition between read operations and workqueue processing. This issue could potentially result in unpredictable behavior or crashes. * CVE-2024-35817 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag. * CVE-2024-35822 In the Linux kernel, the following vulnerability has been resolved: usb: udc: remove warning when queue disabled. * CVE-2024-35827 In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep(). * CVE-2024-35831 A flaw was found in the io_uring subsystem in the Linux kernel, where pinned pages are not properly released if the __io_uaddr_map function fails. This could lead to resource leaks or other unintended behaviors. * CVE-2024-35840 CVE-2024-35840 is a vulnerability in the Linux kernel’s Multipath TCP (MPTCP) implementation. It occurs because the subflow_finish_connect() function may handle uninitialized data in certain fields if a specific MPTCP option (OPTION_MPTCP_MPJ_SYNACK) is not correctly set during option parsing. This could lead to unpredictable behavior in MPTCP connections. The issue has been resolved by ensuring proper initialization and handling of these fields. * CVE-2024-35843 In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in iopf reporting path. * CVE-2024-35859 In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdev_open_by_dev error path. At the time bdev_may_open() is called, module reference is grabbed already, hence module reference should be released if bdev_may_open() failed. This problem is found by code review. * CVE-2024-35861 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect(). Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. * CVE-2024-35862 A use-after-free flaw was found in the Linux kernel in smb smb2_is_network_name_deleted() when exiting a session. This flaw allows a local attacker to crash the system. * CVE-2024-35863 A use-after-free flaw was found in the Linux kernel in smb is_valid_oplock_break() when exiting a session. This flaw allows a local attacker to crash the system. * CVE-2024-35864 A use-after-free flaw was found in the Linux kernel in smb smb2_is_valid_lease_break() when exiting a session. This flaw allows a local attacker to crash the system. * CVE-2024-35865 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break(). Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. * CVE-2024-35866 A use-after-free flaw was found in the Linux kernel in the smb client cifs_dump_full_key() when exiting a session. This flaw allows a local attacker to crash the system. * CVE-2024-35867 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show(). Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. * CVE-2024-35869 The following vulnerability has been resolved in the Linux kernel: smb: client: Fix - Guarantee refcounted children from the parent session. * CVE-2024-35872 In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix GUP-fast succeeding on secretmem folios. * CVE-2024-35878 A null pointer dereference vulnerability was found in vsnprintf when str and len parameters are passed to vsnprintf(), which only allows passing a NULL ptr when the length is 0. This issue can result in a crash and damage to availability. * CVE-2024-35880 In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: hold io_buffer_list reference over mmap If we look up the kbuf, ensure that it doesn't get unregistered until after we're done with it. Since we're inside mmap, we cannot safely use the io_uring lock. Rely on the fact that we can lookup the buffer list under RCU now and grab a reference to it, preventing it from being unregistered until we're done with it. The lookup returns the io_buffer_list directly with it referenced. * CVE-2024-35886 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-2024-35892 CVE-2024-35892 is a vulnerability in the Linux kernel’s network scheduler caused by improper use of the qdisc_lookup() function. This function assumes the global RTNL lock is held, but in the qdisc_tree_reduce_backlog() function, only a local queue lock is used. This mismatch creates a race condition that could lead to system instability or crashes. The issue has been fixed by replacing qdisc_lookup() with an RCU-safe version that works correctly in this context. * CVE-2024-35894 In the Linux kernel, the following vulnerability has been resolved: mptcp: prevent BPF accessing lowat from a subflow socket. * CVE-2024-35904 In the Linux kernel, the following vulnerability has been resolved: selinux: avoid dereference of garbage after mount failure In case kern_mount() fails and returns an error pointer return in the error branch instead of continuing and dereferencing the error pointer. While on it drop the never read static variable selinuxfs_mount. * CVE-2024-35905 A flaw was found in the Linux kernel. An integer overflow vulnerability exists in the access size of a stack, such that the size of the access stack can appear negative as a result of overflowing its signed int representation. This issue can result in denial of service. * CVE-2024-35908 In the Linux kernel, the following vulnerability has been resolved: tls: get psock ref after taking rxlock to avoid leak At the start of tls_sw_recvmsg, we take a reference on the psock, and then call tls_rx_reader_lock. If that fails, we return directly without releasing the reference. Instead of adding a new label, just take the reference after locking has succeeded, since we don't need it before. * CVE-2024-35913 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF. * CVE-2024-35918 A cryptographic low entropy vulnerability was found in the Linux kernel, where the kstack_offset variable only uses the low bits for kernel stack offset entropy. This issue can result in loss of overall security of the system. * CVE-2024-35923 In the Linux kernel, the following vulnerability has been resolved: io_uring: clear opcode specific data for an early failure. * CVE-2024-35927 In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling. * CVE-2024-35928 In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init(). * CVE-2024-35931 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip do PCI error slot reset during RAS recovery. * CVE-2024-35942 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain. * CVE-2024-35950 In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes[] with dev->mode_config.mutex The modes[] array contains pointers to modes on the connectors' mode lists, which are protected by dev->mode_config.mutex. Thus we need to extend modes[] the same protection or by the time we use it the elements may already be pointing to freed/reused memory. * CVE-2024-35954 In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sg_remove_sfp_usercontext() must not use sg_device_destroy() after calling scsi_device_put(). sg_device_destroy() is accessing the parent scsi_device request_queue which will already be set to NULL when the preceding call to scsi_device_put() removed the last reference to the parent scsi_device. The resulting NULL pointer exception will then crash the kernel. * CVE-2024-35957 This is a vulnerability in the Linux kernel's Intel Virtualization Technology for Directed I/O (VT-d) subsystem. The issue stems from an incorrect assumption that each device has a unique source ID, leading to potential conflicts and system warnings during the IOMMU probe process. This flaw has been addressed by modifying the tracking mechanism to include only devices with PCI Address Translation Services (ATS) capabilities, thereby preventing unnecessary warnings and ensuring system stability. Users are advised to update their Linux kernel to a version that includes this fix to maintain optimal system performance. * CVE-2024-35973 In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb. * CVE-2024-35976 In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING. * CVE-2024-35979 In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request(). * CVE-2024-35983 A vulnerability was found in the Linux kernel related to the improper handling of power-of-two values for CONFIG_NR_CPUS. The bits_per() function incorrectly rounds up to the next power of two when given a power of two, causing crashes on certain systems. * CVE-2024-35991 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue. * CVE-2024-35995 A vulnerability was found in the ACPI subsystem's CPPC driver in the Linux kernel. This issue occurs due to the mishandling of memory access bit width during performance capability calculations, which can lead to misaligned memory accesses and cause kernel panics on affected platforms. * CVE-2024-36002 In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpll_pin_on_pin_register() for multiple parent pins. * CVE-2024-36015 In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value. To address this issue, index should be checked after ida_simple_get. When the index value is abnormal, a warning message should be printed, the port should be dropped, and the value should be recorded. * CVE-2024-36022 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Init zone device and drm client after mode-1 reset on reload. * CVE-2024-36028 In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio(). * CVE-2024-36030 In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: fix the double free in rvu_npc_freemem().Clang static checker(scan-build) warning： drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c:line 2184, column 2 Attempt to free released memory. npc_mcam_rsrcs_deinit() has released 'mcam->counters.bmap'. Deleted this redundant kfree() to fix this double free problem. * CVE-2024-36031 In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation. The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set by user-space is overwritten to TIME64_MAX, disabling further DNS updates. Fix this by restoring the condition that key_set_expiry is only called when the pre-parser sets a specific expiry. * CVE-2024-36477 In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer. * CVE-2024-36881 In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones. * CVE-2024-36882 In the Linux kernel, the following vulnerability has been resolved: mm: use memalloc_nofs_save() in page_cache_ra_order(). * CVE-2024-36884 In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault(). * CVE-2024-36885 A vulnerability has been identified in the Linux kernel's drm/nouveau/firmware module, where enabling SG_DEBUG causes a kernel BUG() in nvkm_firmware_ctor(). This occurs because DMA-allocated memory cannot be converted into memory pages, leading to an invalid scatterlist mapping. An attacker with control over kernel parameters or device initialization could potentially trigger this bug, causing a system crash or denial of service. * CVE-2024-36891 In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference. Currently the code calls mas_start() followed by mas_data_end() if the maple state is MA_START, but mas_start() may return with the maple state node == NULL. This will lead to a null pointer dereference when checking information in the NULL node, which is done in mas_data_end(). Avoid setting the offset if there is no node by waiting until after the maple state is checked for an empty or single entry state. A user could trigger the events to cause a kernel oops by unmapping all vmas to produce an empty maple tree, then mapping a vma that would cause the scenario described above. * CVE-2024-36926 In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: LPAR panics during boot up with a frozen PE. * CVE-2024-36928 In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid. * CVE-2024-36930 In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spi_sync. * CVE-2024-36932 In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal. * CVE-2024-36936 In the Linux kernel, the following vulnerability has been resolved: efi/unaccepted: touch soft lockup during memory accept. * CVE-2024-36944 The CVE Program describes this issue as: In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait". * CVE-2024-36955 In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node(). * CVE-2024-36956 In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Free all thermal zone debug memory on zone removal. * CVE-2024-36961 In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug. * CVE-2024-36967 In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error case. * CVE-2024-36974 In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP. * CVE-2024-36977 In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Wait unconditionally after issuing EndXfer command. * CVE-2024-38388 In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup. * CVE-2024-38600 In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection. * CVE-2024-38604 In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdev_iomap_begin blkdev_iomap_begin rounds down the offset to the logical block size before stashing it in iomap->offset and checking that it still is inside the inode size. Check the i_size check to the raw pos value so that we don't try a zero size write if iter->pos is unaligned * CVE-2024-38605 In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init. * CVE-2024-38618 In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time. * CVE-2024-38627 A vulnerability was found in the Linux kernel's stm class, where an improper memory management sequence in stm_register_device() could lead to a double-free error. This issue occurs when the put_device(&stm->dev) call triggers stm_device_release() to free "stm", making the subsequent vfree(stm) call redundant and potentially harmful. * CVE-2024-38629 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Avoid unnecessary destruction of file_ida file_ida is allocated during cdev open and is freed accordingly during cdev release. This sequence is guaranteed by driver file operations. Therefore, there is no need to destroy an already empty file_ida when the WQ cdev is removed. Worse, ida_free() in cdev release may happen after destruction of file_ida per WQ cdev. This can lead to accessing an id in file_ida after it has been destroyed, resulting in a kernel panic. Remove ida_destroy(&file_ida) to address these issues. * CVE-2024-38632 In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix potential memory leak in vfio_intx_enable() If vfio_irq_ctx_alloc() failed will lead to 'name' memory leak. * CVE-2024-38635 In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset. For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access. We were just lucky so far since we used only a couple of PDIs and remained within the PDI array bounds. A Fixes: tag is not provided since there are no known platforms where the out-of-bounds would be accessed, and the initial code had problems as well. A follow-up patch completely removes this useless offset. * CVE-2024-39291 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode(). * CVE-2024-39298 In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages. * CVE-2024-39473 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension. If a process module does not have base config extension then the same format applies to all of it's inputs and the process->base_config_ext is NULL, causing NULL dereference when specifically crafted topology and sequences used. * CVE-2024-39474 In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL. * CVE-2024-39479 In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm. * CVE-2024-39486 A race condition was found in the Linux kernel. The rm_file_update_pid() only increments the refcount of a struct pid after storing a pointer to it in filp->pid, dropping the dev->filelist_mutex, resulting in a use-after-free vulnerability. * CVE-2024-39488 In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY. * CVE-2024-39491 A flaw was found in the Linux kernel's HDA driver before initialization. This issue occurs when a user unloads and then reloads the module, and could allow a local user to crash the system. * CVE-2024-39497 In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE). * CVE-2024-39498 In the Linux kernel, the following vulnerability has been resolved: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2. * CVE-2024-39501 In the Linux kernel, the following vulnerability has been resolved: drivers: core: synchronize really_probe() and dev_uevent(). * CVE-2024-39507 In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario. When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause kernel crash. To fix the problem, when link status change, need to check whether the roce registered, and when uninit, need to wait link update finish. * CVE-2024-39508 In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags. * CVE-2024-40903 A vulnerability was found in the tcpm_register_source_caps function in the Linux kernel's USB Type-C TCPM component. This issue arises when new, potentially invalid source capabilities are advertised while existing capabilities are unregistered, leading to a use-after-free condition if the registration fails. * CVE-2024-40906 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal. * CVE-2024-40907 In the Linux kernel, the following vulnerability has been resolved: ionic: fix kernel panic in XDP_TX action. * CVE-2024-40913 A vulnerability was found in the Linux kernel's cachefiles component, regarding the handling of anonymous file descriptors. This issue occurs when an anonymous fd is exposed to userland before confirming the success of the copy_to_user() operation, which can lead to a use-after-free condition. * CVE-2024-40919 In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send(). * CVE-2024-40922 In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't lock while !TASK_RUNNING. * CVE-2024-40923 In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure. * CVE-2024-40925 In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush. * CVE-2024-40930 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: validate HE operation element parsing Validate that the HE operation element has the correct length before parsing it. * CVE-2024-40940 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail. In case of flow rule creation fail in mlx5_lag_create_port_sel_table(), instead of previously created rules, the tainted pointer is deleted deveral times. Fix this bug by using correct flow rules pointers. Found by Linux Verification Center (linuxtesting.org) with SVACE. * CVE-2024-40945 In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommu_sva_bind_device(). * CVE-2024-40948 In the Linux kernel, the following vulnerability has been resolved: mm/page_table_check: fix crash on ZONE_DEVICE. * CVE-2024-40965 A vulnerability was found in the lpi2c driver in the Linux kernel's i2c subsystem, where the clk_get_rate function is called during data transfers, which can lead to a deadlock situation when an audio codec attempts to access the i2c bus while holding the clock mutex, resulting in a denial of service. * CVE-2024-40966 In the Linux kernel, the following vulnerability has been resolved: tty: add the option to have a tty reject a new ldisc ... and use it to limit the virtual terminals to just N_TTY. They are kind of special, and in particular, the "con_write()" routine violates the "writes cannot sleep" rule that some ldiscs rely on. This avoids the BUG: sleeping function called from invalid context at kernel/printk/printk.c:2659 when N_GSM has been attached to a virtual console, and gsmld_write() calls con_write() while holding a spinlock, and con_write() then tries to get the console lock. * CVE-2024-40967 In the Linux kernel, the following vulnerability has been resolved: serial: imx: Introduce timeout when waiting on transmitter empty. By waiting at most 1 second for USR2_TXDC to be set, we avoid a potential deadlock. In case of the timeout, there is not much we can do, so we simply ignore the transmitter state and optimistically try to continue. * CVE-2024-41001 In the Linux kernel, the following vulnerability has been resolved: io_uring/sqpoll: work around a potential audit memory leak kmemleak complains that there's a memory leak related to connect handling. * CVE-2024-41020 In the Linux kernel, the following vulnerability has been resolved: filelock: Fix fcntl/close race recovery compat path. * CVE-2024-41032 In the Linux kernel, the following vulnerability has been resolved: mm: vmalloc: check if a hash-index is in cpu_possible_mask. * CVE-2024-41039 A vulnerability was found in the Linux kernel's firmware driver cs_dsp.c, where a buffer overflow is possible in the wmfw header due to insufficient buffer size checks. * CVE-2024-41049 In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode. * CVE-2024-41057 In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie(). * CVE-2024-41058 In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in fscache_withdraw_volume(). * CVE-2024-41063 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: cancel all works upon hci_unregister_dev(). * CVE-2024-41077 In the Linux kernel, the following vulnerability has been resolved: null_blk: fix validation of block size. * CVE-2024-41079 In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result. * CVE-2024-41082 In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command. * CVE-2024-41084 In the Linux kernel, the following vulnerability has been resolved: cxl/region: Avoid null pointer dereference in region lookup cxl_dpa_to_region(). * CVE-2024-41085 In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix no cxl_nvd during pmem region auto-assembling. * CVE-2024-41089 In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes. * CVE-2024-41094 In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only set smem_start is enable per module option. * CVE-2024-41095 A flaw was found in the Linux kernel’s nouveau module. The return value of the drm_mode_duplicate function is not checked in the nv17_tv_get_ld_modes function in the drivers/gpu/drm/nouveau/dispnv04/tvnv17.c file, possibly causing a NULL pointer dereference and resulting in a denial of service. * CVE-2024-42078 In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsd_info.mutex early. nfsd_info.mutex can be dereferenced by svc_pool_stats_start() immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly be dereferenced. * CVE-2024-42084 An unexpected file truncate flaw was found when opening files with specific parameters in the Linux kernel's file-system. This vulnerability allows a local user to corrupt specific files when having access to these files. * CVE-2024-42101 A flaw was found in the Linux kernel’s nouveau module. The return value of the drm_mode_duplicate function is not checked in the nouveau_connector_get_modes function in the drivers/gpu/drm/nouveau/nouveau_connector.c file, possibly causing a NULL pointer dereference and resulting in a denial of service. * CVE-2024-42123 A vulnerability was found in the amdgpu_umc_handle_bad_pages() function in the Linux kernel's amdgpu driver. If the function is called multiple times in quick succession, a double free error can occur because the err_data->err_addr pointer that is being freed is not being set to NULL in between calls. This could lead to memory corruption or crashes. * CVE-2024-42125 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband We have some policy via BIOS to block uses of 6 GHz. In this case, 6 GHz sband will be NULL even if it is WiFi 7 chip. So, add NULL handling here to avoid crash. * CVE-2024-42132 In the Linux kernel, the following vulnerability has been resolved: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX Syzbot hit warning in hci_conn_del() caused by freeing handle that was not allocated using ida allocator. This is caused by handle bigger than HCI_CONN_HANDLE_MAX passed by hci_le_big_sync_established_evt(), which makes code think it's unset connection. Add same check for handle upper bound as in hci_conn_set_handle() to prevent warning. * CVE-2024-42141 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Check socket flag instead of hcon. * CVE-2024-42159 A vulnerability was found in the Linux kernel's mpi3mr driver in the mpi3mr_sas_port_add() function, where a lack of proper checks could lead to values that are larger than what the defined size of the num_phys field in the mr_sas_node structure being inserted, causing the field to be overwritten and potentially corrupting the structure. This issue could lead to memory corruption or crashes. * CVE-2024-42245 In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task". * CVE-2024-42258 In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines. * CVE-2024-42268 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload. * CVE-2024-42271 A possible use-after-free vulnerability was found in the Linux kernel in iucv_sock_close(). This issue may lead to a crash or memory corruption. * CVE-2024-42276 In the Linux kernel, the following vulnerability has been resolved: nvme-pci: add missing condition check for existence of mapped data nvme_map_data() is called when request has physical segments, hence the nvme_unmap_data() should have same condition to avoid dereference. * CVE-2024-43817 In the Linux kernel, the following vulnerability has been resolved: net: missing check virtio. * CVE-2024-43826 In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for a NULL ->f_mapping that protects against truncations and can lead to kernel crashes. E.g. when running xfstests generic/065 with all nfs trace points enabled. Follow the model of the XFS trace points and pass in an explіcit offset and length. This has the additional benefit that these values can be more accurate as some of the users touch partial folio ranges. * CVE-2024-43842 A possible array out-of-bounds read flaw was found in the Linux kernel. This issue may lead to a crash. * CVE-2024-43856 In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent. * CVE-2024-43865 In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Re-add exception handling in load_fpu_state() With the recent rewrite of the fpu code exception handling for the lfpc instruction within load_fpu_state() was erroneously removed. Add it again to prevent that loading invalid floating point register values cause an unhandled specification exception. * CVE-2024-43866 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always drain health in shutdown callback There is no point in recovery during device shutdown. if health work started need to wait for it to avoid races and NULL pointer access. Hence, drain health WQ on shutdown callback. * CVE-2024-43869 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release. * CVE-2024-43870 A logical flaw exists in the Linux kernel. When a task is scheduled, pending sigtrap deliveries are deferred to the target task upon resuming to userspace via task_work. However, failures are ignored while adding an event's callback to the task_work engine. Since the last call for the event exit happens after task work is eventually closed, there is a small window where the pending sigtrap can be queued to be ignored. * CVE-2024-43879 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he(). * CVE-2024-43888 In the Linux kernel, the following vulnerability has been resolved: mm: list_lru: fix UAF for memory cgroup. * CVE-2024-43911 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session. * CVE-2024-44947 In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate. * CVE-2024-44960 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor. * CVE-2024-44965 In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pti_clone_pgtable() alignment assumption. * CVE-2024-44970 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink. * CVE-2024-44984 A flaw was found in the bnxt_en module in the Linux kernel. A double DMA unmapping can trigger a kernel warning and cause a denial of service. * CVE-2024-45005 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix validity interception issue when gisa is switched off. Moderate Copyright 2025 Softline PJSC CVE-2019-25162 CVE-2020-10135 CVE-2021-47098 CVE-2021-47101 CVE-2021-47185 CVE-2021-47384 CVE-2021-47386 CVE-2021-47428 CVE-2021-47429 CVE-2021-47432 CVE-2021-47454 CVE-2021-47457 CVE-2021-47495 CVE-2021-47497 CVE-2021-47505 CVE-2022-48669 CVE-2022-48672 CVE-2022-48703 CVE-2022-48804 CVE-2022-48929 CVE-2023-52445 CVE-2023-52451 CVE-2023-52455 CVE-2023-52462 CVE-2023-52464 CVE-2023-52466 CVE-2023-52467 CVE-2023-52473 CVE-2023-52475 CVE-2023-52477 CVE-2023-52482 CVE-2023-52492 CVE-2023-52498 CVE-2023-52501 CVE-2023-52513 CVE-2023-52520 CVE-2023-52528 CVE-2023-52560 CVE-2023-52565 CVE-2023-52585 CVE-2023-52594 CVE-2023-52595 CVE-2023-52606 CVE-2023-52614 CVE-2023-52615 CVE-2023-52619 CVE-2023-52621 CVE-2023-52622 CVE-2023-52624 CVE-2023-52625 CVE-2023-52632 CVE-2023-52634 CVE-2023-52635 CVE-2023-52637 CVE-2023-52643 CVE-2023-52648 CVE-2023-52649 CVE-2023-52650 CVE-2023-52656 CVE-2023-52659 CVE-2023-52661 CVE-2023-52662 CVE-2023-52663 CVE-2023-52664 CVE-2023-52674 CVE-2023-52676 CVE-2023-52679 CVE-2023-52680 CVE-2023-52683 CVE-2023-52686 CVE-2023-52689 CVE-2023-52690 CVE-2023-52696 CVE-2023-52697 CVE-2023-52698 CVE-2023-52703 CVE-2023-52730 CVE-2023-52731 CVE-2023-52740 CVE-2023-52749 CVE-2023-52751 CVE-2023-52756 CVE-2023-52757 CVE-2023-52758 CVE-2023-52762 CVE-2023-52775 CVE-2023-52784 CVE-2023-52788 CVE-2023-52791 CVE-2023-52811 CVE-2023-52813 CVE-2023-52814 CVE-2023-52817 CVE-2023-52819 CVE-2023-52831 CVE-2023-52833 CVE-2023-52834 CVE-2023-52837 CVE-2023-52840 CVE-2023-52859 CVE-2023-52867 CVE-2023-52869 CVE-2023-52878 CVE-2023-52902 CVE-2024-0340 CVE-2024-1151 CVE-2024-22099 CVE-2024-23307 CVE-2024-23848 CVE-2024-24857 CVE-2024-24858 CVE-2024-24859 CVE-2024-25739 CVE-2024-26589 CVE-2024-26591 CVE-2024-26601 CVE-2024-26603 CVE-2024-26605 CVE-2024-26611 CVE-2024-26612 CVE-2024-26614 CVE-2024-26618 CVE-2024-26631 CVE-2024-26638 CVE-2024-26641 CVE-2024-26645 CVE-2024-26646 CVE-2024-26650 CVE-2024-26656 CVE-2024-26660 CVE-2024-26661 CVE-2024-26662 CVE-2024-26663 CVE-2024-26664 CVE-2024-26669 CVE-2024-26670 CVE-2024-26672 CVE-2024-26674 CVE-2024-26675 CVE-2024-26678 CVE-2024-26679 CVE-2024-26680 CVE-2024-26686 CVE-2024-26691 CVE-2024-26700 CVE-2024-26704 CVE-2024-26707 CVE-2024-26708 CVE-2024-26712 CVE-2024-26717 CVE-2024-26719 CVE-2024-26725 CVE-2024-26733 CVE-2024-26740 CVE-2024-26743 CVE-2024-26744 CVE-2024-26746 CVE-2024-26757 CVE-2024-26758 CVE-2024-26759 CVE-2024-26761 CVE-2024-26767 CVE-2024-26772 CVE-2024-26774 CVE-2024-26782 CVE-2024-26785 CVE-2024-26786 CVE-2024-26803 CVE-2024-26812 CVE-2024-26815 CVE-2024-26835 CVE-2024-26837 CVE-2024-26838 CVE-2024-26840 CVE-2024-26843 CVE-2024-26846 CVE-2024-26857 CVE-2024-26861 CVE-2024-26862 CVE-2024-26863 CVE-2024-26870 CVE-2024-26872 CVE-2024-26878 CVE-2024-26882 CVE-2024-26889 CVE-2024-26890 CVE-2024-26892 CVE-2024-26894 CVE-2024-26899 CVE-2024-26900 CVE-2024-26901 CVE-2024-26903 CVE-2024-26906 CVE-2024-26907 CVE-2024-26915 CVE-2024-26920 CVE-2024-26921 CVE-2024-26922 CVE-2024-26924 CVE-2024-26927 CVE-2024-26928 CVE-2024-26933 CVE-2024-26934 CVE-2024-26937 CVE-2024-26938 CVE-2024-26939 CVE-2024-26940 CVE-2024-26950 CVE-2024-26951 CVE-2024-26953 CVE-2024-26958 CVE-2024-26960 CVE-2024-26962 CVE-2024-26964 CVE-2024-26973 CVE-2024-26975 CVE-2024-26976 CVE-2024-26984 CVE-2024-26987 CVE-2024-26988 CVE-2024-26989 CVE-2024-26990 CVE-2024-26992 CVE-2024-27003 CVE-2024-27004 CVE-2024-27010 CVE-2024-27011 CVE-2024-27012 CVE-2024-27013 CVE-2024-27014 CVE-2024-27015 CVE-2024-27017 CVE-2024-27023 CVE-2024-27025 CVE-2024-27038 CVE-2024-27042 CVE-2024-27048 CVE-2024-27057 CVE-2024-27062 CVE-2024-27079 CVE-2024-27389 CVE-2024-27395 CVE-2024-27404 CVE-2024-27410 CVE-2024-27414 CVE-2024-27431 CVE-2024-27436 CVE-2024-27437 CVE-2024-31076 CVE-2024-35787 CVE-2024-35794 CVE-2024-35795 CVE-2024-35801 CVE-2024-35805 CVE-2024-35807 CVE-2024-35808 CVE-2024-35809 CVE-2024-35810 CVE-2024-35812 CVE-2024-35814 CVE-2024-35817 CVE-2024-35822 CVE-2024-35824 CVE-2024-35827 CVE-2024-35831 CVE-2024-35835 CVE-2024-35838 CVE-2024-35840 CVE-2024-35843 CVE-2024-35847 CVE-2024-35853 CVE-2024-35854 CVE-2024-35855 CVE-2024-35859 CVE-2024-35861 CVE-2024-35862 CVE-2024-35863 CVE-2024-35864 CVE-2024-35865 CVE-2024-35866 CVE-2024-35867 CVE-2024-35869 CVE-2024-35872 CVE-2024-35876 CVE-2024-35877 CVE-2024-35878 CVE-2024-35880 CVE-2024-35886 CVE-2024-35888 CVE-2024-35892 CVE-2024-35894 CVE-2024-35900 CVE-2024-35904 CVE-2024-35905 CVE-2024-35908 CVE-2024-35912 CVE-2024-35913 CVE-2024-35918 CVE-2024-35923 CVE-2024-35924 CVE-2024-35925 CVE-2024-35927 CVE-2024-35928 CVE-2024-35930 CVE-2024-35931 CVE-2024-35938 CVE-2024-35939 CVE-2024-35942 CVE-2024-35944 CVE-2024-35946 CVE-2024-35947 CVE-2024-35950 CVE-2024-35952 CVE-2024-35954 CVE-2024-35957 CVE-2024-35959 CVE-2024-35973 CVE-2024-35976 CVE-2024-35979 CVE-2024-35983 CVE-2024-35991 CVE-2024-35995 CVE-2024-36002 CVE-2024-36006 CVE-2024-36010 CVE-2024-36015 CVE-2024-36022 CVE-2024-36028 CVE-2024-36030 CVE-2024-36031 CVE-2024-36477 CVE-2024-36881 CVE-2024-36882 CVE-2024-36884 CVE-2024-36885 CVE-2024-36891 CVE-2024-36896 CVE-2024-36901 CVE-2024-36902 CVE-2024-36905 CVE-2024-36917 CVE-2024-36920 CVE-2024-36926 CVE-2024-36927 CVE-2024-36928 CVE-2024-36930 CVE-2024-36932 CVE-2024-36933 CVE-2024-36936 CVE-2024-36939 CVE-2024-36940 CVE-2024-36944 CVE-2024-36945 CVE-2024-36955 CVE-2024-36956 CVE-2024-36960 CVE-2024-36961 CVE-2024-36967 CVE-2024-36974 CVE-2024-36977 CVE-2024-38388 CVE-2024-38555 CVE-2024-38581 CVE-2024-38596 CVE-2024-38598 CVE-2024-38600 CVE-2024-38604 CVE-2024-38605 CVE-2024-38618 CVE-2024-38627 CVE-2024-38629 CVE-2024-38632 CVE-2024-38635 CVE-2024-39276 CVE-2024-39291 CVE-2024-39298 CVE-2024-39471 CVE-2024-39473 CVE-2024-39474 CVE-2024-39479 CVE-2024-39486 CVE-2024-39488 CVE-2024-39491 CVE-2024-39497 CVE-2024-39498 CVE-2024-39499 CVE-2024-39501 CVE-2024-39503 CVE-2024-39507 CVE-2024-39508 CVE-2024-40901 CVE-2024-40903 CVE-2024-40906 CVE-2024-40907 CVE-2024-40913 CVE-2024-40919 CVE-2024-40922 CVE-2024-40923 CVE-2024-40924 CVE-2024-40925 CVE-2024-40930 CVE-2024-40940 CVE-2024-40945 CVE-2024-40948 CVE-2024-40965 CVE-2024-40966 CVE-2024-40967 CVE-2024-40988 CVE-2024-40989 CVE-2024-40997 CVE-2024-41001 CVE-2024-41007 CVE-2024-41008 CVE-2024-41012 CVE-2024-41020 CVE-2024-41032 CVE-2024-41038 CVE-2024-41039 CVE-2024-41042 CVE-2024-41049 CVE-2024-41056 CVE-2024-41057 CVE-2024-41058 CVE-2024-41060 CVE-2024-41063 CVE-2024-41065 CVE-2024-41077 CVE-2024-41079 CVE-2024-41082 CVE-2024-41084 CVE-2024-41085 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41094 CVE-2024-41095 CVE-2024-42070 CVE-2024-42078 CVE-2024-42084 CVE-2024-42090 CVE-2024-42101 CVE-2024-42114 CVE-2024-42123 CVE-2024-42124 CVE-2024-42125 CVE-2024-42132 CVE-2024-42141 CVE-2024-42154 CVE-2024-42159 CVE-2024-42226 CVE-2024-42228 CVE-2024-42237 CVE-2024-42238 CVE-2024-42240 CVE-2024-42245 CVE-2024-42258 CVE-2024-42268 CVE-2024-42271 CVE-2024-42276 CVE-2024-42301 CVE-2024-43817 CVE-2024-43826 CVE-2024-43830 CVE-2024-43842 CVE-2024-43856 CVE-2024-43865 CVE-2024-43866 CVE-2024-43869 CVE-2024-43870 CVE-2024-43879 CVE-2024-43888 CVE-2024-43892 CVE-2024-43911 CVE-2024-44947 CVE-2024-44960 CVE-2024-44965 CVE-2024-44970 CVE-2024-44984 CVE-2024-45005 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-52605 In the Linux kernel, the following vulnerability has been resolved: ACPI: extlog: fix NULL pointer dereference check. * CVE-2024-50264 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL. * CVE-2024-50302 A vulnerability was found in the Linux kernel's driver for Human Interface Devices. This flaw allows an attacker to use a malicious input device to read information from the report buffer. This could be used to leak kernel memory, enabling the exploitation of additional vulnerabilities. * CVE-2024-53197 A vulnerability was found in the Linux kernel's USB Audio driver. This flaw allows an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by manipulating system memory, potentially escalating privileges, or executing arbitrary code. * CVE-2023-52922 In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show(). * CVE-2024-53113 In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof. Important Copyright 2025 Softline PJSC CVE-2023-52605 CVE-2023-52922 CVE-2024-50264 CVE-2024-50302 CVE-2024-53113 CVE-2024-53197 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.114 and .NET Runtime 8.0.14. * CVE-2025-24070 Weak authentication in ASP.NET Core &amp; Visual Studio allows an unauthorized attacker to elevate privileges over a network. Important Copyright 2025 Softline PJSC CVE-2025-24070 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.104 and .NET Runtime 9.0.3. * CVE-2025-24070 Weak authentication in ASP.NET Core &amp; Visual Studio allows an unauthorized attacker to elevate privileges over a network. Important Copyright 2025 Softline PJSC CVE-2025-24070 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libxml2 library is a development toolbox providing the implementation of various XML standards. * CVE-2024-56171 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. * CVE-2025-24928 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. Important Copyright 2025 Softline PJSC CVE-2024-56171 CVE-2025-24928 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-53150 A vulnerability was found in the Linux kernel's USB Audio driver. This flaw can allow an attacker with physical access to the system to use a malicious USB device to gain additional access. This is possible by reading arbitrary system memory. Moderate Copyright 2025 Softline PJSC CVE-2024-53150 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. * CVE-2025-22869 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. Important Copyright 2025 Softline PJSC CVE-2025-22869 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. * CVE-2023-44441 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44442 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSD file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44443 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44444 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. Important Copyright 2025 Softline PJSC CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Collector with the supported components for a Red Hat build of OpenTelemetry * CVE-2025-30204 A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-30204 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. * CVE-2025-1080 A flaw was found in LibreOffice. In the affected versions of LibreOffice, a link in a browser using that scheme could be constructed with an embedded inner URL that, when passed to LibreOffice, could call internal macros with arbitrary arguments. Important Copyright 2025 Softline PJSC CVE-2025-1080 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-27516 Pallets Jinja could allow a local authenticated attacker to bypass security restrictions, caused by an oversight in how the Jinja sandboxed environment interacts with the |attr filter. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary Python code on the system. Important Copyright 2025 Softline PJSC CVE-2025-27516 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. * CVE-2025-27363 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. Important Copyright 2025 Softline PJSC CVE-2025-27363 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Expat is a C library for parsing XML documents. * CVE-2024-8176 A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. Moderate Copyright 2025 Softline PJSC CVE-2024-8176 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-43855 A denial of service vulnerability exists in the Linux kernel. A deadlock condition occurs when mddev is being suspended while some of the flush bio is in progress, leading to a loss of availability. Moderate Copyright 2025 Softline PJSC CVE-2024-43855 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-3028 JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. * CVE-2025-3029 A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. * CVE-2025-3030 Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. Important Copyright 2025 Softline PJSC CVE-2025-3028 CVE-2025-3029 CVE-2025-3030 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-7592 There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. Low Copyright 2025 Softline PJSC CVE-2024-7592 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. * CVE-2024-50379 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. * CVE-2025-24813 A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be exploited, the following conditions must be true: writes to the default servlet are enabled (disabled by default), sensitive file uploads are sub-directories of a target URL for public uploads, attackers know the names of the files, and those files are subject to partial PUT uploads enabled by default. If an application uses file-based session persistence with default storage and includes exploitable libraries, remote code execution (RCE) is possible. Moderate Copyright 2025 Softline PJSC CVE-2024-50379 CVE-2025-24813 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-7592 There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. Low Copyright 2025 Softline PJSC CVE-2024-7592 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2024-44192 The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-54467 A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. * CVE-2024-54551 The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service. * CVE-2025-24208 A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack. * CVE-2025-24209 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2025-24216 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. * CVE-2025-30427 A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash. Important Copyright 2025 Softline PJSC CVE-2024-44192 CVE-2024-54467 CVE-2024-54551 CVE-2025-24208 CVE-2025-24209 CVE-2025-24216 CVE-2025-30427 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Go is a high-level general purpose programming language that is statically typed and compiled. It is known for the simplicity of its syntax and the efficiency of development that it enables by the inclusion of a large standard library supplying many needs for common projects. It was designed at Google. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2025 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The microcode_ctl packages provide microcode updates for Intel and AMD processors. * CVE-2023-34440 Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2023-43758 Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2024-24582 Improper input validation in XmlCli feature for UEFI firmware for some Intel(R) processors may allow privileged user to potentially enable escalation of privilege via local access. * CVE-2024-28127 Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2024-29214 Improper input validation in UEFI firmware CseVariableStorageSmm for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Important Copyright 2025 Softline PJSC CVE-2023-34440 CVE-2023-43758 CVE-2024-24582 CVE-2024-28127 CVE-2024-29214 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. * CVE-2025-24855 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. Important Copyright 2025 Softline PJSC CVE-2025-24855 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. * CVE-2025-27516 Pallets Jinja could allow a local authenticated attacker to bypass security restrictions, caused by an oversight in how the Jinja sandboxed environment interacts with the |attr filter. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary Python code on the system. Important Copyright 2025 Softline PJSC CVE-2025-27516 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21785 In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array. Important Copyright 2025 Softline PJSC CVE-2025-21785 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2025-30204 A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-30204 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2025-22869 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. Important Copyright 2025 Softline PJSC CVE-2025-22869 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Collector with the supported components for a Red Hat build of OpenTelemetry * CVE-2024-45336 A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header redirected to b.com/ will not send that header to b.com. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2. * CVE-2025-22868 A flaw was found in the golang.org/x/oauth2/jws package in the token parsing component. This vulnerability is made possible because of the use of strings.Split(token, ".") to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of . characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service. * CVE-2025-27144 Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters. * CVE-2025-29786 A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory (OOM) crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree (AST), consuming excessive memory. Important Copyright 2025 Softline PJSC CVE-2024-45336 CVE-2025-22868 CVE-2025-27144 CVE-2025-29786 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-42322 In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service. * CVE-2024-42292 In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so will cause OOB memory access issue if variable MODALIAS is not the last one within its @env parameter, fixed by correcting size to memmove. * CVE-2024-44990 In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok. * CVE-2024-46826 In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomize_va_space double read. * CVE-2025-21927 In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu(). Important Copyright 2025 Softline PJSC CVE-2024-42292 CVE-2024-42322 CVE-2024-44990 CVE-2024-46826 CVE-2025-21927 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-2830 By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. * CVE-2025-3522 Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. * CVE-2025-3523 When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. Important Copyright 2025 Softline PJSC CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. * CVE-2025-0395 When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. Moderate Copyright 2025 Softline PJSC CVE-2025-0395 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. * CVE-2024-55549 A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes. Important Copyright 2025 Softline PJSC CVE-2024-55549 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-3028 JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability affects Firefox < 137, Firefox ESR < 115.22, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. * CVE-2025-3029 A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. * CVE-2025-3030 Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137, Firefox ESR < 128.9, Thunderbird < 137, and Thunderbird < 128.9. Important Copyright 2025 Softline PJSC CVE-2025-3028 CVE-2025-3029 CVE-2025-3030 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. * CVE-2025-21587 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2025-30691 Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2025-30698 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). Moderate Copyright 2025 Softline PJSC CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. * CVE-2025-21587 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2025-30691 Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2025-30698 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). Moderate Copyright 2025 Softline PJSC CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. * CVE-2025-21587 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2025-30691 Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. * CVE-2025-30698 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). Moderate Copyright 2025 Softline PJSC CVE-2025-21587 CVE-2025-30691 CVE-2025-30698 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. * CVE-2025-2487 A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash. Moderate Copyright 2025 Softline PJSC CVE-2025-2487 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. * CVE-2023-6693 A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. * CVE-2024-3567 A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition. Moderate Copyright 2025 Softline PJSC CVE-2023-6693 CVE-2024-3567 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2025-27219 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies. * CVE-2025-27220 In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. Moderate Copyright 2025 Softline PJSC CVE-2025-27219 CVE-2025-27220 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. * CVE-2025-30204 A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-30204 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-2817 Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4083 A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4087 A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4091 Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4093 Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10. Important Copyright 2025 Softline PJSC CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-2817 Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4083 A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4087 A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4091 Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4093 Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10. Important Copyright 2025 Softline PJSC CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news. * CVE-2024-53920 In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.) Moderate Copyright 2025 Softline PJSC CVE-2024-53920 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. * CVE-2024-7347 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. * CVE-2022-41741 NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. * CVE-2022-41742 NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products that are built with the module ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. Moderate Copyright 2025 Softline PJSC CVE-2022-41741 CVE-2022-41742 CVE-2024-7347 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2025-27144 Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters. Moderate Copyright 2025 Softline PJSC CVE-2025-27144 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. * CVE-2024-9632 A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges. * CVE-2025-26594 A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. * CVE-2025-26595 A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size. * CVE-2025-26596 A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow. * CVE-2025-26597 A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size. * CVE-2025-26598 An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access. * CVE-2025-26599 An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later. * CVE-2025-26600 A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free. * CVE-2025-26601 A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers. Moderate Copyright 2025 Softline PJSC CVE-2024-9632 CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. * CVE-2022-1941 A parsing vulnerability for the MessageSet type in the ProtocolBuffers can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. Moderate Copyright 2025 Softline PJSC CVE-2022-1941 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop. * CVE-2022-4055 When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An attacker can use this method to create a mailto URL that looks safe to users, but will actually attach files when clicked. Moderate Copyright 2025 Softline PJSC CVE-2022-4055 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Yelp is the help browser for the GNOME desktop. It is designed to help you browse all the documentation on your system in one central tool, including traditional man pages, info pages and documentation written in DocBook. * CVE-2025-3155 A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment. Important Copyright 2025 Softline PJSC CVE-2025-3155 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-2817 Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4083 A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Firefox ESR < 115.23, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4087 A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4091 Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10. * CVE-2025-4093 Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10. Important Copyright 2025 Softline PJSC CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. * CVE-2022-45063 xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions. Low Copyright 2025 Softline PJSC CVE-2022-45063 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. * CVE-2025-30204 A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-30204 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Expat is a C library for parsing XML documents. * CVE-2024-8176 A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. Moderate Copyright 2025 Softline PJSC CVE-2024-8176 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Vim (Vi IMproved) is an updated and improved version of the vi editor. * CVE-2023-4752 Use After Free in GitHub repository vim/vim prior to 9.0.1858. Low Copyright 2025 Softline PJSC CVE-2023-4752 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. * CVE-2024-52616 A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs. Moderate Copyright 2025 Softline PJSC CVE-2024-52616 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.106 and .NET Runtime 9.0.5. * CVE-2025-26646 External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. Important Copyright 2025 Softline PJSC CVE-2025-26646 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-35195 Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0. Moderate Copyright 2025 Softline PJSC CVE-2024-35195 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The microcode_ctl packages provide microcode updates for Intel and AMD processors. * CVE-2024-28047 Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. * CVE-2024-31157 Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. * CVE-2024-39279 Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow a authenticated user to potentially enable denial of service via local access. Moderate Copyright 2025 Softline PJSC CVE-2024-28047 CVE-2024-31157 CVE-2024-39279 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-21605 A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted, and the memory is unavailable. When password authentication is enabled on the Redis server but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system runs out of memory. Important Copyright 2025 Softline PJSC CVE-2025-21605 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. * CVE-2025-26465 A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. Moderate Copyright 2025 Softline PJSC CVE-2025-26465 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libsoup packages provide an HTTP client and server library for GNOME. * CVE-2025-32050 A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read. * CVE-2025-32052 A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read. * CVE-2025-32053 A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read. * CVE-2025-32906 A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. * CVE-2025-32911 A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. * CVE-2025-32913 A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function. * CVE-2025-46420 A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes. * CVE-2025-46421 A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect. * CVE-2025-32907 A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service. Important Copyright 2025 Softline PJSC CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32911 CVE-2025-32913 CVE-2025-46420 CVE-2025-46421 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-2830 By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. * CVE-2025-3522 Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. * CVE-2025-3523 When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. Important Copyright 2025 Softline PJSC CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.116 and .NET Runtime 8.0.16. * CVE-2025-26646 External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. Important Copyright 2025 Softline PJSC CVE-2025-26646 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). * CVE-2025-24528 A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2025-24528 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 IPTraf-ng is a console-based network monitoring utility which includes an IP traffic monitor, a TCP and UDP service monitor, and a LAN statistics module. It supports Ethernet, FDDI, ISDN, SLIP, PPP, and loopback interfaces as well as the built-in raw socket interface of the Linux kernel. * CVE-2024-52949 iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack. Moderate Copyright 2025 Softline PJSC CVE-2024-52949 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. * CVE-2024-12087 A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. * CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. * CVE-2024-12747 A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation. Moderate Copyright 2025 Softline PJSC CVE-2024-12087 CVE-2024-12088 CVE-2024-12747 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2025-1217 A flaw was found in PHP. This vulnerability allows misinterpretation of HTTP response headers, potentially leading to incorrect usage of headers, MIME types, and other response attributes via incorrect parsing of folded headers in the HTTP request module. * CVE-2025-1219 A flaw was found in PHP's DOM and SimpleXML extensions. This vulnerability allows incorrect parsing of a redirected HTTP resource via improper content-type header handling. * CVE-2025-1734 A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon (:), which may confuse applications into processing them as valid headers. * CVE-2025-1736 A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers. * CVE-2025-1861 A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size. Moderate Copyright 2025 Softline PJSC CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2025-30204 A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-30204 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. * CVE-2023-46751 An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. * CVE-2024-46951 An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution. * CVE-2024-46952 An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values). * CVE-2024-46953 An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution. * CVE-2024-46954 A flaw was found in Ghostscript/base/gp_utf8.c. This vulnerability allows directory traversal via overlong UTF-8 encoding, potentially leading to unauthorized access to filesystem directories. * CVE-2024-46956 A flaw was found in Artifex Ghostscript's psi/zfile.c component. This vulnerability allows arbitrary code execution via out-of-bounds data access. Moderate Copyright 2025 Softline PJSC CVE-2023-46751 CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46956 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21927 In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu(). * CVE-2024-58005 In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c. * CVE-2024-58007 In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number. * CVE-2024-58069 In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read. * CVE-2025-21633 In the Linux kernel, the following vulnerability has been resolved: kernel: io_uring/sqpoll: zero sqd->thread on tctx errors. * CVE-2025-21993 In the Linux kernel, the following vulnerability has been resolved: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic(). Important Copyright 2025 Softline PJSC CVE-2024-58005 CVE-2024-58007 CVE-2024-58069 CVE-2025-21633 CVE-2025-21927 CVE-2025-21993 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. * CVE-2024-52005 A flaw was found in Git. When cloning, fetching, or pushing from a server, informational or error messages are transported from the remote Git process to the client via a sideband channel. These messages are prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information or to mislead the user into executing untrusted scripts. Moderate Copyright 2025 Softline PJSC CVE-2024-52005 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. * CVE-2023-44441 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious DDS file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44442 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSD file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44443 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. * CVE-2023-44444 A parsing vulnerability was found in the GNU Image Manipulation Program (GIMP). This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. Important Copyright 2025 Softline PJSC CVE-2023-44441 CVE-2023-44442 CVE-2023-44443 CVE-2023-44444 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. * CVE-2025-31492 A flaw was found in mod_auth_openidc, an OpenID Connect authentication module for Apache HTTP Server. This vulnerability allows unauthenticated users to access protected content via crafted HTTP POST requests to protected resources when no application-level gateway is present. Important Copyright 2025 Softline PJSC CVE-2025-31492 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. * CVE-2024-55549 A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes. Important Copyright 2025 Softline PJSC CVE-2024-55549 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. * CVE-2025-22869 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. Important Copyright 2025 Softline PJSC CVE-2025-22869 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 This module scans potential modules used by perl programs and returns a hash reference. Its keys are the module names as they appear in %INC (e.g. Test/More.pm). The values are hash references. * CVE-2024-10224 Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or by passing arbitrary strings to eval(). Moderate Copyright 2025 Softline PJSC CVE-2024-10224 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2025-27144 Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters. Moderate Copyright 2025 Softline PJSC CVE-2025-27144 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. * CVE-2025-30472 Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. Moderate Copyright 2025 Softline PJSC CVE-2025-30472 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Rust agent for Keylime * CVE-2025-24898 A flaw was found in the rust-openssl package. In certain versions, ssl::select_next_proto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cause a use-after-free error. This could cause the server to crash or return arbitrary memory contents to the client. Moderate Copyright 2025 Softline PJSC CVE-2025-24898 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. * CVE-2024-24790 The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. * CVE-2024-24788 A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. * CVE-2023-39321 Processing an incomplete post-handshake message for a QUIC connection can cause a panic. * CVE-2023-39322 QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size. * CVE-2024-9355 A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack. Moderate Copyright 2025 Softline PJSC CVE-2023-39321 CVE-2023-39322 CVE-2024-24788 CVE-2024-24790 CVE-2024-24791 CVE-2024-9355 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-24898 A flaw was found in the rust-openssl package. In certain versions, ssl::select_next_proto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cause a use-after-free error. This could cause the server to crash or return arbitrary memory contents to the client. Moderate Copyright 2025 Softline PJSC CVE-2025-24898 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Xwayland is an X server for running X clients under Wayland. * CVE-2024-9632 A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges. * CVE-2025-26594 A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free. * CVE-2025-26595 A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size. * CVE-2025-26596 A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow. * CVE-2025-26597 A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size. * CVE-2025-26598 An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access. * CVE-2025-26599 An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later. * CVE-2025-26600 A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free. * CVE-2025-26601 A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers. Moderate Copyright 2025 Softline PJSC CVE-2024-9632 CVE-2025-26594 CVE-2025-26595 CVE-2025-26596 CVE-2025-26597 CVE-2025-26598 CVE-2025-26599 CVE-2025-26600 CVE-2025-26601 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Authoritative DNS server for A/AAAA container records Forwards other request to configured resolvers. * CVE-2024-8418 A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime. Moderate Copyright 2025 Softline PJSC CVE-2024-8418 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. * CVE-2024-12243 A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition. Moderate Copyright 2025 Softline PJSC CVE-2024-12243 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2025-4123 A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is installed, it is possible to exploit the open redirect to achieve a full read SSRF. The default Content-Security-Policy (CSP) in Grafana will block the XSS though the `connect-src` directive. Important Copyright 2025 Softline PJSC CVE-2025-4123 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21756 A flaw was found in the Linux kernel's VMware network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory, potentially leading to an escalation of privileges or the compromise of sensitive data. * CVE-2025-21966 In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature. * CVE-2025-37749 An out-of-bounds read vulnerability exists in the ppp_sync_txmunge() function in the Linux kernel's PPP subsystem. Insufficient bounds checking on incoming PPP packets may lead to a kernel crash if a packet with an empty or truncated payload is processed. Important Copyright 2025 Softline PJSC CVE-2025-21756 CVE-2025-21966 CVE-2025-37749 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. * CVE-2023-0286 A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network. Important Copyright 2025 Softline PJSC CVE-2023-0286 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-4918 An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. * CVE-2025-4919 An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. Important Copyright 2025 Softline PJSC CVE-2025-4918 CVE-2025-4919 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2025-31205 The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin. * CVE-2025-31257 This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. Important Copyright 2025 Softline PJSC CVE-2025-31205 CVE-2025-31257 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. * CVE-2024-45774 A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded. * CVE-2024-45775 A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data. * CVE-2024-45776 When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections. * CVE-2024-45781 A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections. * CVE-2024-45783 A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access. * CVE-2025-0622 A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections. * CVE-2025-0677 A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms. * CVE-2025-0690 The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence. Moderate Copyright 2025 Softline PJSC CVE-2024-45774 CVE-2024-45775 CVE-2024-45776 CVE-2024-45781 CVE-2024-45783 CVE-2025-0622 CVE-2025-0677 CVE-2025-0690 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-0938 A flaw was found in Python. The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers. Moderate Copyright 2025 Softline PJSC CVE-2025-0938 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Bootable container system * CVE-2025-24898 A flaw was found in the rust-openssl package. In certain versions, ssl::select_next_proto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cause a use-after-free error. This could cause the server to crash or return arbitrary memory contents to the client. Moderate Copyright 2025 Softline PJSC CVE-2025-24898 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2024-2756 Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications. * CVE-2024-3096 In PHP  version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true. * CVE-2024-5458 In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly. * CVE-2024-8925 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed. This could lead to malicious attacker able to control part of the submitted data being able to exclude portion of other data, potentially leading to erroneous application behavior. * CVE-2024-8927 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP. * CVE-2024-9026 A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data manipulation is possible via the same vector. * CVE-2024-11233 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas. * CVE-2024-11234 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. * CVE-2024-8929 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. Moderate Copyright 2025 Softline PJSC CVE-2024-11233 CVE-2024-11234 CVE-2024-2756 CVE-2024-3096 CVE-2024-5458 CVE-2024-8925 CVE-2024-8927 CVE-2024-8929 CVE-2024-9026 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. * CVE-2024-47541 A flaw was found in the GStreamer library. An out-of-bounds write in the SSA subtitle parser can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. * CVE-2024-47542 A null pointer dereference has been discovered in the id3v2_read_synch_uint function, located in id3v2.c. If id3v2_read_synch_uint is called with a null work->hdr.frame_data, the pointer guint8 *data is accessed without validation, resulting in a null pointer dereference. This vulnerability can result in a Denial of Service (DoS) by triggering a segmentation fault (SEGV). This vulnerability is fixed in 1.24.10. * CVE-2024-47600 A flaw was found in the GStreamer library. An out-of-bounds read in the gst-discoverer-1.0 command line tool can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. This issue only affects the gst-discoverer-1.0 command line tool and not any other applications using GStreamer. * CVE-2024-47835 A flaw was found in the GStreamer library. A NULL-pointer dereference in the LRC subtitle parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. Moderate Copyright 2025 Softline PJSC CVE-2024-47541 CVE-2024-47542 CVE-2024-47600 CVE-2024-47835 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. * CVE-2024-56826 A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. * CVE-2024-56827 A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. Moderate Copyright 2025 Softline PJSC CVE-2024-56826 CVE-2024-56827 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and rollbacks. * CVE-2025-24898 A flaw was found in the rust-openssl package. In certain versions, ssl::select_next_proto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cause a use-after-free error. This could cause the server to crash or return arbitrary memory contents to the client. Moderate Copyright 2025 Softline PJSC CVE-2025-24898 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. * CVE-2024-1394 A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them. * CVE-2024-34158 A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. * CVE-2024-9355 A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack. Important Copyright 2025 Softline PJSC CVE-2024-1394 CVE-2024-34158 CVE-2024-9355 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-0938 A flaw was found in Python. The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers. Moderate Copyright 2025 Softline PJSC CVE-2025-0938 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. * CVE-2025-25184 A flaw was found in the rubygem-rack package. When a user provides the authorization credentials via Rack::Auth::Basic, if successful, the username is placed in env['REMOTE_USER'] and later used by Rack::CommonLogger for logging purposes. The issue occurs when a server intentionally or unintentionally allows a user creation with the username containing CRLF and white space characters or the server logs every login attempt. If an attacker enters a username with a CRLF character, the logger will log the malicious username with CRLF characters into the logfile. This flaw allows attackers to break log formats or insert fraudulent entries, potentially obscuring activity or injecting malicious data into log files. Moderate Copyright 2025 Softline PJSC CVE-2025-25184 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions. * CVE-2024-12133 A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack. Moderate Copyright 2025 Softline PJSC CVE-2024-12133 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. * CVE-2025-27832 An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c. Moderate Copyright 2025 Softline PJSC CVE-2025-27832 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. * CVE-2025-2487 A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash. Moderate Copyright 2025 Softline PJSC CVE-2025-2487 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2025-22869 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. * CVE-2025-27144 Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters. Important Copyright 2025 Softline PJSC CVE-2025-22869 CVE-2025-27144 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2024-44192 The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-54467 A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. * CVE-2024-54551 The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service. * CVE-2025-24208 A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack. * CVE-2025-24209 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2025-24216 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. * CVE-2025-30427 A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash. Important Copyright 2025 Softline PJSC CVE-2024-44192 CVE-2024-54467 CVE-2024-54551 CVE-2025-24208 CVE-2025-24209 CVE-2025-24216 CVE-2025-30427 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. * CVE-2025-23419 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key are used and/or the SSL session cache https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache are used in the default server and the default server is performing client certificate authentication.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Moderate Copyright 2025 Softline PJSC CVE-2025-23419 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gstreamer1 packages contain a streaming media framework, based on graphs of filters which operate on media data. * CVE-2024-4453 A flaw was found in the GStreamer library. This flaw allows a remote attacker to send specially crafted content to the victim, allowing for arbitrary code execution within the context of the affected installation's process. The vulnerability is caused by improper parsing of EXIF metadata and a lack of proper validation of user-supplied data, which triggers an integer overflow. * CVE-2024-0444 A stack-based buffer overflow flaw was found in GStreamer. This issue may lead to code execution while parsing tile list data within AV1-encoded video files. Moderate Copyright 2025 Softline PJSC CVE-2024-0444 CVE-2024-4453 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. * CVE-2024-47543 A flaw was found in the GStreamer library. An out-of-bounds read in the MP4/MOV demuxer can lead to crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. * CVE-2024-47544 A flaw was found in the GStreamer library. Multiple NULL pointer dereferences in the MP4/MOV demuxer's CENC handling can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47545 A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer can lead to out-of-bounds reads that may cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47546 A flaw was found in the GStreamer library. Integer underflow in the MP4/MOV demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47596 A flaw was found in the GStreamer library. An integer underflow due to missing size checks in the MP4/MOV demuxer can lead to out-of-bounds reads and cause crashes for certain input files. This issue can allow a malicious actor to trigger a crash of the application. * CVE-2024-47597 A flaw was found in the GStreamer library. Multiple out-of-bounds reads in the MP4/MOV demuxer's sample table parsing and a lack of error checking can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47598 A flaw was found in the GStreamer library. When handling raw audio tracks, out-of-bounds reads in the MP4/MOV demuxer's sample table parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47599 A flaw was found in the GStreamer library. Insufficient error handling in the JPEG decoder can lead to NULL-pointer dereferences and cause crashes for certain input files, making it possible for a malicious actor to trigger a crash of the application. * CVE-2024-47601 A flaw was found in the GStreamer library. A NULL pointer dereference in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47602 A flaw was found in the GStreamer library. NULL pointer dereferences and out-of-bounds reads in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47603 A flaw was found in the GStreamer library. A NULL pointer dereference in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47774 A flaw was found in the GStreamer library. An out-of-bounds read in the gst_avi_subtitle_parse_gab2_chunk function can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. * CVE-2024-47775 A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, making it possible for a malicious actor to trigger a crash of the application. * CVE-2024-47776 A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47777 A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47778 A flaw was found in the GStreamer library. Various out-of-bounds reads in the WAV parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. * CVE-2024-47834 A flaw was found in the GStreamer library. A use-after-free in the Matroska demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash. Moderate Copyright 2025 Softline PJSC CVE-2024-47543 CVE-2024-47544 CVE-2024-47545 CVE-2024-47546 CVE-2024-47596 CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601 CVE-2024-47602 CVE-2024-47603 CVE-2024-47774 CVE-2024-47775 CVE-2024-47776 CVE-2024-47777 CVE-2024-47778 CVE-2024-47834 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Bootloader updater * CVE-2025-24898 A flaw was found in the rust-openssl package. In certain versions, ssl::select_next_proto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than the client buffer's, this can cause a use-after-free error. This could cause the server to crash or return arbitrary memory contents to the client. Moderate Copyright 2025 Softline PJSC CVE-2025-24898 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-0938 A flaw was found in Python. The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers. Moderate Copyright 2025 Softline PJSC CVE-2025-0938 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication. * CVE-2024-10963 A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals. Important Copyright 2025 Softline PJSC CVE-2024-10963 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-9287 A vulnerability has been found in the Python venv module and CLI. Path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts, for example, "source venv/bin/activate". This flaw allows attacker-controlled virtual environments to run commands when the virtual environment is activated. Moderate Copyright 2025 Softline PJSC CVE-2024-9287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-50099 In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR (literal) uprobe support. * CVE-2024-50110 A vulnerability was found in the xfrm module in the Linux Kernel. This issue was discovered during fuzz testing, where uninitialized memory containing potentially sensitive data was inadvertently copied to user-space. This issue occurs when dumping IPsec algorithm data structures, exposing random padding from the structures. This issue could lead to information leaks if uninitialized memory is accessed by user-space applications. * CVE-2024-50142 In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset. * CVE-2024-50192 In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE. * CVE-2024-27399 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout. * CVE-2024-38564 In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE. * CVE-2024-45020 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a kernel verifier crash in stacksafe(). * CVE-2024-46697 In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4_fattr_args.context is zeroed out If nfsd4_encode_fattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'll then try to free. Initialize it early. * CVE-2024-47675 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_unregister(). This leaks bpf_uprobe->uprobe and worse, this frees bpf_uprobe->consumer without removing it from the uprobe->consumers list. * CVE-2024-49888 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue. * CVE-2024-50115 In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory. * CVE-2024-50124 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list. * CVE-2024-50125 A use-after-free vulnerability was found in the Linux kernel's Bluetooth SCO. When sco_sock_timeout() is called, conn->sk may be unlinked/freed while waiting for sco_conn_lock. This checks if the conn->sk is still valid by checking if it is part of sco_sk_list, leading to a loss of availability and system confidentiality. * CVE-2024-50148 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister. * CVE-2024-50223 In the Linux kernel, the following vulnerability has been resolved: sched/numa: Fix the potential null pointer dereference in task_numa_work(). * CVE-2024-50255 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs. * CVE-2024-50262 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key(). Moderate Copyright 2025 Softline PJSC CVE-2024-27399 CVE-2024-38564 CVE-2024-45020 CVE-2024-46697 CVE-2024-47675 CVE-2024-49888 CVE-2024-50099 CVE-2024-50110 CVE-2024-50115 CVE-2024-50124 CVE-2024-50125 CVE-2024-50142 CVE-2024-50148 CVE-2024-50192 CVE-2024-50223 CVE-2024-50255 CVE-2024-50262 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-26615 In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump. * CVE-2024-43854 In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to zero before writing it to media. * CVE-2024-45018 In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use. * CVE-2024-44994 In the Linux kernel, the following vulnerability has been resolved: iommu: Restore lost return in iommu_report_device_fault(). * CVE-2024-46695 In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inode_setsecctx hook. * CVE-2024-49949 In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO. * CVE-2024-50251 An incorrect buffer length flaw was found in the Linux kernel's netfilter subsystem. A local user could trigger the nft_payload_set_eval function and use this issue to crash the system. Moderate Copyright 2025 Softline PJSC CVE-2024-26615 CVE-2024-43854 CVE-2024-44994 CVE-2024-45018 CVE-2024-46695 CVE-2024-49949 CVE-2024-50251 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mpg123 packages contain real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2, and 3 (most commonly MPEG 1.0 layer 3 also known as MP3), as well as re-usable decoding and output libraries. * CVE-2024-10573 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector. Moderate Copyright 2025 Softline PJSC CVE-2024-10573 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. * CVE-2024-38796 A flaw was found in the EDK2 package. This flaw allows an attacker to cause memory corruption due to an overflow via an adjacent network. This issue may lead to loss of confidentiality, integrity, and availability. Moderate Copyright 2025 Softline PJSC CVE-2024-38796 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. * CVE-2023-45803 A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as POST to GET, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren't putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn't exploitable. Moderate Copyright 2025 Softline PJSC CVE-2023-45803 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. * CVE-2024-47538 A flaw was found in the Vorbis decoder in the GStreamer library. Processing a specially crafted input file can cause a stack-based buffer overflow in the Vorbis decoder due to improper input validation, resulting in unexpected behavior or, most likely, an application crash. * CVE-2024-47607 A flaw was found in the GStreamer library. A stack buffer overflow in the Opus decoder can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. * CVE-2024-47615 A flaw was found in the GStreamer library. An out-of-bounds write in the Ogg demuxer can cause crashes for certain input files. This vulnerability allows a malicious third party to trigger out-of-bounds writes that can result in the application's crash or possibly allow code execution through heap manipulation. Important Copyright 2025 Softline PJSC CVE-2024-47538 CVE-2024-47607 CVE-2024-47615 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-9287 A vulnerability has been found in the Python venv module and CLI. Path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts, for example, "source venv/bin/activate". This flaw allows attacker-controlled virtual environments to run commands when the virtual environment is activated. * CVE-2024-11168 A flaw was found in Python. The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts ([]), allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery (SSRF) if a URL is processed by more than one URL parser. Moderate Copyright 2025 Softline PJSC CVE-2024-11168 CVE-2024-9287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-9287 A vulnerability has been found in the Python venv module and CLI. Path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts, for example, "source venv/bin/activate". This flaw allows attacker-controlled virtual environments to run commands when the virtual environment is activated. * CVE-2024-12254 A flaw was found in Python. In certain configurations, the asyncio._SelectorSocketTransport.writelines() method fails to signal the protocol to clear the write buffer when it approaches capacity. Because of this, protocols would not periodically drain the write buffer, potentially leading to a denial of service via memory exhaustion. Important Copyright 2025 Softline PJSC CVE-2024-12254 CVE-2024-9287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2024-49761 A flaw was found in the REXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between &# and x...; in a hex numeric character reference (&#x...;) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2024-49761 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. * CVE-2024-9632 A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges. Important Copyright 2025 Softline PJSC CVE-2024-9632 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 cpanminus is dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM. * CVE-2024-45321 A flaw was found in App::cpanminus (cpanm) through version 1.7047. The default configuration downloads Perl modules from CPAN using HTTP, which could allow an attacker to view or modify the content without the knowledge of the user. This issue could allow an attacker to execute malicious code if they have the ability to intercept and modify the content before it reaches to user. Moderate Copyright 2025 Softline PJSC CVE-2024-45321 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-41009 An out-of-bounds memory access flaw was found in the Linux kernel’s BPF subsystem. This flaw allows a local user to crash the system. * CVE-2024-42244 In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume. * CVE-2024-50226 In the Linux kernel, the following vulnerability has been resolved: cxl/port: fix use-after-free, permit out-of-order decoder shutdown. Moderate Copyright 2025 Softline PJSC CVE-2024-41009 CVE-2024-42244 CVE-2024-50226 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The tuned packages provide a service that tunes system settings according to a selected profile. * CVE-2024-52336 A script injection vulnerability was identified in the Tuned package. The instance_create() D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with script_pre or script_post options that permit arbitrary scripts with their absolute paths to be passed. These user or attacker-controlled executable scripts or programs could then be executed by Tuned with root privileges that could allow attackers to local privilege escalation. * CVE-2024-52337 A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, tuned-adm get_instances or other third-party programs that use Tuned's D-Bus interface for such operations. Important Copyright 2025 Softline PJSC CVE-2024-52336 CVE-2024-52337 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2024-44309 A data isolation bypass vulnerability was discovered in WebKitGTK. Processing maliciously crafted web content could enable a cross-site scripting (XSS) attack. Important Copyright 2025 Softline PJSC CVE-2024-44309 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2024-11692 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. * CVE-2024-11694 The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting (XSS) through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames masquerading as legitimate content. * CVE-2024-11695 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. * CVE-2024-11696 The Mozilla Foundation's Security Advisory: The application can fail to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw is triggered by an invalid or unsupported extension manifest and could cause runtime errors that disrupt the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may be bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. * CVE-2024-11697 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. * CVE-2024-11699 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs are present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.​ * CVE-2024-11159 The Mozilla Foundation Security Advisory describes this flaw as: Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. Important Copyright 2025 Softline PJSC CVE-2024-11159 CVE-2024-11692 CVE-2024-11694 CVE-2024-11695 CVE-2024-11696 CVE-2024-11697 CVE-2024-11699 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2024-10976 A flaw was found in PostgreSQL. This vulnerability allows incorrect row-level security policies to be applied via subqueries, WITH queries, security invoker views, or SQL-language functions that reference tables with row-level security policies. This issue arises when a query is planned under one role and executed under another, potentially leading to unauthorized reads or modifications of data. * CVE-2024-10978 A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability. * CVE-2024-10979 A flaw was found in PostgreSQL PL/Perl. This vulnerability allows an unprivileged database user to change sensitive process environment variables (e.g., PATH) via incorrect control of environment variables. Important Copyright 2025 Softline PJSC CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2024-11692 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. * CVE-2024-11694 The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting (XSS) through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames masquerading as legitimate content. * CVE-2024-11695 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. * CVE-2024-11696 The Mozilla Foundation's Security Advisory: The application can fail to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw is triggered by an invalid or unsupported extension manifest and could cause runtime errors that disrupt the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may be bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. * CVE-2024-11697 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. * CVE-2024-11699 A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs are present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.​ Important Copyright 2025 Softline PJSC CVE-2024-11692 CVE-2024-11694 CVE-2024-11695 CVE-2024-11696 CVE-2024-11697 CVE-2024-11699 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. * CVE-2025-48797 A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow. * CVE-2025-48798 A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues. * CVE-2025-5473 An integer overflow vulnerability was found in Gimp's handling of ICO files. This vulnerability can lead to code execution if a user is convinced to open a maliciously crafted file. Important Copyright 2025 Softline PJSC CVE-2025-48797 CVE-2025-48798 CVE-2025-5473 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. * CVE-2025-4404 A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration. Important Copyright 2025 Softline PJSC CVE-2025-4404 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-5263 Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5264 Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5266 Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5267 A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5268 Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5269 Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11 and Thunderbird < 128.11. Important Copyright 2025 Softline PJSC CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libsoup packages provide an HTTP client and server library for GNOME. * CVE-2025-2784 A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. * CVE-2025-32049 A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS). * CVE-2025-32914 A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. * CVE-2025-4948 A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. This can cause the program to access invalid memory and crash. As a result, any application or server using libsoup could be forced to exit unexpectedly, creating a denial-of-service (DoS) risk. Important Copyright 2025 Softline PJSC CVE-2025-2784 CVE-2025-32049 CVE-2025-32914 CVE-2025-4948 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21964 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option. Moderate Copyright 2025 Softline PJSC CVE-2025-21964 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. * CVE-2025-46727 A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy. Important Copyright 2025 Softline PJSC CVE-2025-46727 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-47287 A flaw was found in Tornado. This vulnerability can lead to a a denial of service by generating an extremely high volume of log entries. Important Copyright 2025 Softline PJSC CVE-2025-47287 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. * CVE-2025-3887 A flaw was found in GStreamer H265 Codec Parsing. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers. Important Copyright 2025 Softline PJSC CVE-2025-3887 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Security Fix * CVE-2024-10306 A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive should be replaced by the <Location> directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might send MCMP requests that may result in adding/removing/updating nodes for the balancing. However, this host should not be accessible to the public network as it does not serve the general traffic. Bug Fixes * Rebuild mod_proxy_cluster against httpd 2.4.62 * Rebase mod_proxy_cluster to upstream 1.3.22 * Update deprecated misspeled EnableMCPMReceive directive Moderate Copyright 2025 Softline PJSC CVE-2024-10306 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. * CVE-2024-8508 A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that Unbound can perform per packet, meaning that if a specially crafted query is passed for the contents of a malicious zone with very large RRsets, Unbound may spend a considerable amount of time applying name compression to downstream replies, locking the CPU until the whole packet has been processed. Moderate Copyright 2025 Softline PJSC CVE-2024-8508 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-3875 Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1. * CVE-2025-3877 A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data, such as using /dev/urandom on Linux, or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. * CVE-2025-3909 Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling JavaScript execution as part of the HTML. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1. * CVE-2025-3932 It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1. Important Copyright 2025 Softline PJSC CVE-2025-3875 CVE-2025-3877 CVE-2025-3909 CVE-2025-3932 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2022-3424 A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2025-21764 In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb(). Moderate Copyright 2025 Softline PJSC CVE-2022-3424 CVE-2025-21764 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. * CVE-2025-47905 Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries. Important Copyright 2025 Softline PJSC CVE-2025-47905 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21920 In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type. * CVE-2025-21926 In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment. * CVE-2025-21997 In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xp_create_and_assign_umem(). * CVE-2025-22055 In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct. * CVE-2025-37785 A flaw was found in the ext4 module in the Linux kernel. An out-of-bounds read can be triggered when a corrupted ext4 filesystem is mounted due to a missing check, resulting in a denial of service that causes the system to freeze or become unusable. * CVE-2025-37943 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi. Important Copyright 2025 Softline PJSC CVE-2025-21920 CVE-2025-21926 CVE-2025-21997 CVE-2025-22055 CVE-2025-37785 CVE-2025-37943 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 FastCGI Perl bindings. * CVE-2025-40907 A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c. Important Copyright 2025 Softline PJSC CVE-2025-40907 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. * CVE-2025-4802 Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo). Moderate Copyright 2025 Softline PJSC CVE-2025-4802 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-4918 An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. * CVE-2025-4919 An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. * CVE-2025-5263 Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5264 Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5266 Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5267 A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5268 Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11. * CVE-2025-5269 Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.11 and Thunderbird < 128.11. Important Copyright 2025 Softline PJSC CVE-2025-4918 CVE-2025-4919 CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. * CVE-2025-5283 Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Important Copyright 2025 Softline PJSC CVE-2025-5283 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6. * CVE-2025-30399 Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. Important Copyright 2025 Softline PJSC CVE-2025-30399 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.117 and .NET Runtime 8.0.17. * CVE-2025-30399 Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. Important Copyright 2025 Softline PJSC CVE-2025-30399 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 ModSecurity is an open source intrusion detection and prevention engine for web applications. * CVE-2025-47947 ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case (in stable released versions): when the payload's content type is `application/json`, and there is at least one rule which does a `sanitiseMatchedBytes` action. A patch is available at pull request 3389 and expected to be part of version 2.9.9. No known workarounds are available. Important Copyright 2025 Softline PJSC CVE-2025-47947 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Apache Commons BeanUtils library provides utility methods for accessing and modifying properties of arbitrary JavaBeans. * CVE-2025-48734 A flaw was found in Apache Commons BeanUtils. This vulnerability allows remote attackers to execute arbitrary code via uncontrolled access to the declaredClass property on Java enum objects, which can expose the class loader when property paths are passed from external sources to methods like getProperty() or getNestedProperty(). Important Copyright 2025 Softline PJSC CVE-2025-48734 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21961 In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix truesize for mb-xdp-pass case. * CVE-2025-21963 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option. * CVE-2025-21969 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free. * CVE-2025-21979 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel wiphy_work before freeing wiphy. * CVE-2025-21999 In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode(). * CVE-2025-22126 In the Linux kernel, the following vulnerability has been resolved: md: fix mddev uaf while iterating all_mddevs list. * CVE-2025-37750 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel. Important Copyright 2025 Softline PJSC CVE-2025-21961 CVE-2025-21963 CVE-2025-21969 CVE-2025-21979 CVE-2025-21999 CVE-2025-22126 CVE-2025-37750 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. * CVE-2025-5455 A flaw was found in QtCore's qDecodeDataUrl() function. This vulnerability allows an application level denial of service via a malformed data URL with a missing charset value when assertions are enabled. Moderate Copyright 2025 Softline PJSC CVE-2025-5455 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-52933 In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count. Moderate Copyright 2025 Softline PJSC CVE-2023-52933 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Command line utility to control osbuild-composer * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication. * CVE-2025-6020 A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Important Copyright 2025 Softline PJSC CVE-2025-6020 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news. * CVE-2024-53920 In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.) Moderate Copyright 2025 Softline PJSC CVE-2024-53920 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_proxy_cluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. * CVE-2024-10306 A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive should be replaced by the <Location> directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might send MCMP requests that may result in adding/removing/updating nodes for the balancing. However, this host should not be accessible to the public network as it does not serve the general traffic. Moderate Copyright 2025 Softline PJSC CVE-2024-10306 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. * CVE-2025-25724 A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale. Moderate Copyright 2025 Softline PJSC CVE-2025-25724 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). * CVE-2025-3576 A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. Moderate Copyright 2025 Softline PJSC CVE-2025-3576 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. * CVE-2025-3891 A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability. Important Copyright 2025 Softline PJSC CVE-2025-3891 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. * CVE-2025-6019 A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. Important Copyright 2025 Softline PJSC CVE-2025-6019 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-23166 A flaw was found in Node.js, specifically in the C++ method SignTraits::DeriveBits(). This vulnerability can allow a remote attacker to crash the Node.js runtime via untrusted input, triggering an exception in a background thread. Important Copyright 2025 Softline PJSC CVE-2025-23165 CVE-2025-23166 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-31498 A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing. * CVE-2025-3277 SQLite could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the concat_ws() function. Important Copyright 2025 Softline PJSC CVE-2025-31498 CVE-2025-3277 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-21605 A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted, and the memory is unavailable. When password authentication is enabled on the Redis server but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system runs out of memory. Important Copyright 2025 Softline PJSC CVE-2025-21605 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-31498 A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing. Moderate Copyright 2025 Softline PJSC CVE-2025-31498 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2024-11233 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas. * CVE-2024-11234 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. * CVE-2024-8929 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. * CVE-2025-1217 A flaw was found in PHP. This vulnerability allows misinterpretation of HTTP response headers, potentially leading to incorrect usage of headers, MIME types, and other response attributes via incorrect parsing of folded headers in the HTTP request module. * CVE-2025-1219 A flaw was found in PHP's DOM and SimpleXML extensions. This vulnerability allows incorrect parsing of a redirected HTTP resource via improper content-type header handling. * CVE-2025-1734 A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon (:), which may confuse applications into processing them as valid headers. * CVE-2025-1736 A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers. * CVE-2025-1861 A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size. Moderate Copyright 2025 Softline PJSC CVE-2024-11233 CVE-2024-11234 CVE-2024-8929 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2024-11235 A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the __set magic method or the null coalescing assignment (??=) operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout through specially crafted inputs. * CVE-2025-1217 A flaw was found in PHP. This vulnerability allows misinterpretation of HTTP response headers, potentially leading to incorrect usage of headers, MIME types, and other response attributes via incorrect parsing of folded headers in the HTTP request module. * CVE-2025-1219 A flaw was found in PHP's DOM and SimpleXML extensions. This vulnerability allows incorrect parsing of a redirected HTTP resource via improper content-type header handling. * CVE-2025-1734 A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon (:), which may confuse applications into processing them as valid headers. * CVE-2025-1736 A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers. * CVE-2025-1861 A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size. Important Copyright 2025 Softline PJSC CVE-2024-11235 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-23166 A flaw was found in Node.js, specifically in the C++ method SignTraits::DeriveBits(). This vulnerability can allow a remote attacker to crash the Node.js runtime via untrusted input, triggering an exception in a background thread. Important Copyright 2025 Softline PJSC CVE-2025-23165 CVE-2025-23166 CVE-2025-23167 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2024-10976 A flaw was found in PostgreSQL. This vulnerability allows incorrect row-level security policies to be applied via subqueries, WITH queries, security invoker views, or SQL-language functions that reference tables with row-level security policies. This issue arises when a query is planned under one role and executed under another, potentially leading to unauthorized reads or modifications of data. * CVE-2024-10978 A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability. * CVE-2024-10979 A flaw was found in PostgreSQL PL/Perl. This vulnerability allows an unprivileged database user to change sensitive process environment variables (e.g., PATH) via incorrect control of environment variables. Important Copyright 2025 Softline PJSC CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-22150 A flaw was found in the undici package for Node.js. Undici uses Math.random() to choose the boundary for a multipart/form-data request. It is known that the output of Math.random() can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met. * CVE-2025-23083 A flaw was found in the Node.js diagnostics_channel. This vulnerability allows an attacker to reinstate and misuse worker constructors, potentially bypassing the Permission Model via hooking into events when a worker thread is created. * CVE-2025-23085 A vulnerability was found in NodeJS when handling HTTP/2 connections, where the remote peer abruptly closes the socket without sending the proper HTTP/2 notification to the server, leading to a memory leak. This flaw allows an attacker to force the targeted process in the targeted host to an uncontrollable resource consumption state, starving the process and possibly other processes running at the same host to memory starvation, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-22150 CVE-2025-23083 CVE-2025-23085 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2025-25186 A flaw was found in Ruby's net-imap library. In certain versions, there is a possibility for denial of service by memory exhaustion in the net-imap response parser. At any time while the client is connected, a malicious server can send highly compressed uid-set data, which is automatically read by the client's receiver thread. The response parser converts the uid-set data into arrays of integers with no limitation on the expanded size of the ranges, which can trigger memory exhaustion. * CVE-2025-27219 A flaw was found in Ruby's CGI gem. Processing specially crafted large cookies with the CGI::Cookie.parse method can cause excessive resource consumption due to a missing limit on the length of the raw cookie value, resulting in a denial of service. * CVE-2025-27221 A flaw was found in the URI ruby gem package, where userinfo leakage can occur in the uri gem. The methods URI#join, URI#merge, and URI#+ retained userinfo, such as user:password, even after the host is replaced. When generating a URL to a malicious host from a URL containing secret userinfo using these methods, and having someone access that URL, an unintended userinfo leak can occur. Moderate Copyright 2025 Softline PJSC CVE-2025-25186 CVE-2025-27219 CVE-2025-27221 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2024-41123 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `>]` and `]>`. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities. * CVE-2024-41946 A flaw was found in the REXML package. Reading an XML file that contains many entity expansions may lead to a denial of service due to resource starvation. An attacker can use this flaw to trick a user into processing an untrusted XML file. * CVE-2024-43398 A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2 parser API are not affected. * CVE-2024-39908 REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. * CVE-2025-27219 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies. * CVE-2025-27220 In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. * CVE-2025-27221 In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host. Moderate Copyright 2025 Softline PJSC CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 CVE-2025-27219 CVE-2025-27220 CVE-2025-27221 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. * CVE-2024-7347 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Moderate Copyright 2025 Softline PJSC CVE-2024-7347 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. * CVE-2024-7347 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Moderate Copyright 2025 Softline PJSC CVE-2024-7347 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. * CVE-2024-21096 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. Moderate Copyright 2025 Softline PJSC CVE-2024-21096 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-22150 A flaw was found in the undici package for Node.js. Undici uses Math.random() to choose the boundary for a multipart/form-data request. It is known that the output of Math.random() can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met. * CVE-2025-23085 A vulnerability was found in NodeJS when handling HTTP/2 connections, where the remote peer abruptly closes the socket without sending the proper HTTP/2 notification to the server, leading to a memory leak. This flaw allows an attacker to force the targeted process in the targeted host to an uncontrollable resource consumption state, starving the process and possibly other processes running at the same host to memory starvation, leading to a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2025-22150 CVE-2025-23085 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-22150 A flaw was found in the undici package for Node.js. Undici uses Math.random() to choose the boundary for a multipart/form-data request. It is known that the output of Math.random() can be predicted if several of its generated values are known. If an app has a mechanism that sends multipart requests to an attacker-controlled website, it can leak the necessary values. Therefore, an attacker can tamper with the requests going to the backend APIs if certain conditions are met. * CVE-2025-23083 A flaw was found in the Node.js diagnostics_channel. This vulnerability allows an attacker to reinstate and misuse worker constructors, potentially bypassing the Permission Model via hooking into events when a worker thread is created. * CVE-2025-23085 A vulnerability was found in NodeJS when handling HTTP/2 connections, where the remote peer abruptly closes the socket without sending the proper HTTP/2 notification to the server, leading to a memory leak. This flaw allows an attacker to force the targeted process in the targeted host to an uncontrollable resource consumption state, starving the process and possibly other processes running at the same host to memory starvation, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-22150 CVE-2025-23083 CVE-2025-23085 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2024-11233 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas. * CVE-2024-11234 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. * CVE-2024-8929 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. * CVE-2025-1217 A flaw was found in PHP. This vulnerability allows misinterpretation of HTTP response headers, potentially leading to incorrect usage of headers, MIME types, and other response attributes via incorrect parsing of folded headers in the HTTP request module. * CVE-2025-1219 A flaw was found in PHP's DOM and SimpleXML extensions. This vulnerability allows incorrect parsing of a redirected HTTP resource via improper content-type header handling. * CVE-2025-1734 A flaw was found in PHP. This vulnerability allows applications to accept invalid headers via malformed HTTP headers missing a colon (:), which may confuse applications into processing them as valid headers. * CVE-2025-1736 A flaw was found in PHP. This vulnerability allows certain headers to be either not sent or misinterpreted due to insufficient validation of the end-of-line characters via user-supplied headers. * CVE-2025-1861 A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size. Moderate Copyright 2025 Softline PJSC CVE-2024-11233 CVE-2024-11234 CVE-2024-8929 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2025-1094 Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected. Important Copyright 2025 Softline PJSC CVE-2025-1094 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2024-2756 Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications. * CVE-2024-3096 In PHP  version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true. * CVE-2024-5458 In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly. * CVE-2024-8925 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed. This could lead to malicious attacker able to control part of the submitted data being able to exclude portion of other data, potentially leading to erroneous application behavior. * CVE-2024-8927 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP. * CVE-2024-9026 A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data manipulation is possible via the same vector. Moderate Copyright 2025 Softline PJSC CVE-2024-2756 CVE-2024-3096 CVE-2024-5458 CVE-2024-8925 CVE-2024-8927 CVE-2024-9026 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. * CVE-2024-2756 Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications. * CVE-2024-3096 In PHP  version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true. * CVE-2024-5458 In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly. * CVE-2024-8925 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed. This could lead to malicious attacker able to control part of the submitted data being able to exclude portion of other data, potentially leading to erroneous application behavior. * CVE-2024-8927 In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP headers, which can lead to cgi.force_redirect option not being correctly applied. In certain configurations this may lead to arbitrary file inclusion in PHP. * CVE-2024-9026 A flaw was found in PHP-FPM, the FastCGI Process Manager. This vulnerability can allow an attacker to manipulate or remove up to 4 characters from log messages via crafted log content, potentially polluting or altering the final log. If PHP-FPM is configured to use syslog output, further log data manipulation is possible via the same vector. Moderate Copyright 2025 Softline PJSC CVE-2024-2756 CVE-2024-3096 CVE-2024-5458 CVE-2024-8925 CVE-2024-8927 CVE-2024-9026 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. * CVE-2024-49761 A flaw was found in the REXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between &# and x...; in a hex numeric character reference (&#x...;) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2024-49761 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2023-45145 A flaw was found in Redis, an in-memory database that persists on disk. On startup, Redis listens on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. * CVE-2024-31228 A flaw was found in Redis. This flaw allows authenticated users to trigger a denial of service by using specially crafted, long string match patterns on supported commands such as KEYS, SCAN, PSUBSCRIBE, FUNCTION LIST, COMMAND LIST, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes. * CVE-2024-31449 A flaw was found in Redis. This flaw allows an authenticated user to use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. * CVE-2023-41053 Redis is an in-memory database that persists on disk. Redis does not correctly identify keys accessed by `SORT_RO` and as a result may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration. The problem exists in Redis 7.0 or newer and has been fixed in Redis 7.0.13 and 7.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. * CVE-2024-31227 A flaw was found in Redis. This flaw allows an authenticated attacker with sufficient privileges to create a malformed ACL selector that triggers a server panic and subsequent denial of service when accessed. Moderate Copyright 2025 Softline PJSC CVE-2023-41053 CVE-2023-45145 CVE-2024-31227 CVE-2024-31228 CVE-2024-31449 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2024-10976 A flaw was found in PostgreSQL. This vulnerability allows incorrect row-level security policies to be applied via subqueries, WITH queries, security invoker views, or SQL-language functions that reference tables with row-level security policies. This issue arises when a query is planned under one role and executed under another, potentially leading to unauthorized reads or modifications of data. * CVE-2024-10978 A flaw was found in PostgreSQL. This vulnerability allows a less-privileged application user to view or change unintended rows using SET ROLE, SET SESSION AUTHORIZATION, or equivalent features resulting in loss of confidentiality integrity and availability. * CVE-2024-10979 A flaw was found in PostgreSQL PL/Perl. This vulnerability allows an unprivileged database user to change sensitive process environment variables (e.g., PATH) via incorrect control of environment variables. Important Copyright 2025 Softline PJSC CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2025-1094 Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected. Important Copyright 2025 Softline PJSC CVE-2025-1094 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. * CVE-2024-52804 Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue. Important Copyright 2025 Softline PJSC CVE-2024-52804 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Moderate Copyright 2025 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. * CVE-2024-8508 A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that Unbound can perform per packet, meaning that if a specially crafted query is passed for the contents of a malicious zone with very large RRsets, Unbound may spend a considerable amount of time applying name compression to downstream replies, locking the CPU until the whole packet has been processed. Moderate Copyright 2025 Softline PJSC CVE-2024-8508 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. * CVE-2024-47537 A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. This vulnerability allows a malicious third party to trigger an application crash and, in the case of out-of-bounds writes, possibly allow code execution through heap manipulation. * CVE-2024-47539 Description A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution through heap manipulation. * CVE-2024-47540 A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash. * CVE-2024-47606 A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemux_parse_theora_extension function. This issue leads to a small amount of memory being allocated to store a large input size, resulting in an out-of-bounds write. * CVE-2024-47613 A flaw was found in the gdk-pixbuf decoder in the GStreamer library. Processing a specially crafted input file can cause a NULL pointer dereference due to an unchecked return value, resulting in an application crash and a denial of service. Important Copyright 2025 Softline PJSC CVE-2024-47537 CVE-2024-47539 CVE-2024-47540 CVE-2024-47606 CVE-2024-47613 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. * CVE-2024-50612 libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. Moderate Copyright 2025 Softline PJSC CVE-2024-50612 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2025 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. * CVE-2024-24791 The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. * CVE-2024-34155 A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. * CVE-2024-34158 A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. Important Copyright 2025 Softline PJSC CVE-2024-24791 CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. * CVE-2024-34156 A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Important Copyright 2025 Softline PJSC CVE-2024-34156 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. * CVE-2025-4673 A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties. Moderate Copyright 2025 Softline PJSC CVE-2025-4673 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment. * CVE-2025-5024 A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd. Moderate Copyright 2025 Softline PJSC CVE-2025-5024 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 File::Find::Rule is a friendlier interface to File::Find. It allows you to build rules which specify the desired files and directories. * CVE-2011-10007 A flaw was found in perl-file-find-rule. The grep() function within File::Find::Rule versions up to 0.34 is vulnerable to arbitrary code execution if provided with a specially crafted filename. This vulnerability allows an attacker to supply a filename that, when opened, executes arbitrary code via the open() function's mode parameter. Consequently, an attacker can achieve remote code execution by providing a malicious filename. Important Copyright 2025 Softline PJSC CVE-2011-10007 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. * CVE-2025-5702 A flaw was found in the optimized strcmp glibc function for the Power10 CPU architecture. GNU C library versions from 2.39 onward overwrite two vector registers in a way that can disrupt the control flow of a program. Moderate Copyright 2025 Softline PJSC CVE-2025-5702 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The iputils packages contain basic utilities for monitoring a network, including ping. * CVE-2025-47268 A flaw was found in iputils ping, where a signed integer overflow occurs in timestamp multiplication. This issue could lead to incorrect timestamp calculations or denial of service when processing crafted ICMP Echo Reply packets. Moderate Copyright 2025 Softline PJSC CVE-2025-47268 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. * CVE-2025-40908 YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified. Important Copyright 2025 Softline PJSC CVE-2025-40908 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. * CVE-2025-49175 A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. * CVE-2025-49176 A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check. * CVE-2025-49178 A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service. * CVE-2025-49179 A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks. * CVE-2025-49180 A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. Important Copyright 2025 Softline PJSC CVE-2025-49175 CVE-2025-49176 CVE-2025-49178 CVE-2025-49179 CVE-2025-49180 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. * CVE-2025-49175 A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. * CVE-2025-49176 A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check. * CVE-2025-49178 A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service. * CVE-2025-49179 A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks. * CVE-2025-49180 A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. Important Copyright 2025 Softline PJSC CVE-2025-49175 CVE-2025-49176 CVE-2025-49178 CVE-2025-49179 CVE-2025-49180 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2025-6032 A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack. Important Copyright 2025 Softline PJSC CVE-2025-6032 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. * CVE-2024-23337 Integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. * CVE-2025-48060 A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2024-23337 CVE-2025-48060 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-47273 A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools. Moderate Copyright 2025 Softline PJSC CVE-2025-47273 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21991 In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes. Moderate Copyright 2025 Softline PJSC CVE-2025-21991 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. * CVE-2025-32462 A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option (-h or --host). When using the default sudo security policy plugin (sudoers), the host option is intended to be used in conjunction with the list option (-l or --list) to determine what permissions a user has on a different system. However, this restriction can be bypassed, allowing a user to elevate their privileges on one system to the privileges they may have on a different system, effectively ignoring the host identifier in any sudoers rules. This vulnerability is particularly impactful for systems that share a single sudoers configuration file across multiple computers or use network-based user directories, such as LDAP, to provide sudoers rules on a system. Important Copyright 2025 Softline PJSC CVE-2025-32462 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. * CVE-2024-52533 A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior. * CVE-2025-4373 A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite. Moderate Copyright 2025 Softline PJSC CVE-2024-52533 CVE-2025-4373 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of channels, such as files, pipes, devices, and sockets. * CVE-2024-54661 A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file. Moderate Copyright 2025 Softline PJSC CVE-2024-54661 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-6424 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. * CVE-2025-6425 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and normal/private browsing mode but not profiles. * CVE-2025-6429 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. * CVE-2025-6430 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a or tag, potentially making a website vulnerable to a cross-site scripting attack. * CVE-2025-5986 A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data (e.g. using /dev/urandom on Linux) or to leak Windows credentials via SMB links when the email is viewed in HTML mode. While user interaction is required to download the .pdf file, visual obfuscation can conceal the download trigger. Viewing the email in HTML mode is enough to load external content. Important Copyright 2025 Softline PJSC CVE-2025-5986 CVE-2025-6424 CVE-2025-6425 CVE-2025-6429 CVE-2025-6430 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-6424 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A use-after-free in FontFaceSet resulted in a potentially exploitable crash. * CVE-2025-6425 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and normal/private browsing mode but not profiles. * CVE-2025-6429 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. * CVE-2025-6430 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a or tag, potentially making a website vulnerable to a cross-site scripting attack. Important Copyright 2025 Softline PJSC CVE-2025-6424 CVE-2025-6425 CVE-2025-6429 CVE-2025-6430 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. * CVE-2024-50349 A flaw was found in Git. This vulnerability occurs when Git requests credentials via a terminal prompt, for example, without the use of a credential helper. During this process, Git displays the host name for which the credentials are needed, but any URL-encoded parts are decoded and displayed directly. This can allow an attacker to manipulate URLs by including ANSI escape sequences, which can be interpreted by the terminal to mislead users by tricking them into entering passwords that are redirected to malicious attacker-controlled sites. * CVE-2024-52006 A flaw was found in Git. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems, most notably .NET and node.js, interpret single Carriage Return characters as newlines, which render the protections against CVE-2020-5260 incomplete for credential helpers, which has the potential to expose stored credentials to malicious URLs. * CVE-2025-27613 A vulnerability has been identified in the gitk application that could lead to unauthorized file modification or data loss. * CVE-2025-27614 Git could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation of gitk filename. * CVE-2025-46835 A vulnerability was found in the git GUI package. When a user clones an untrusted repository and edits a file located in a maliciously named directory, git GUI may end up creating or overwriting arbitrary files for the running user has written permission. This flaw allows an attacker to modify the content of target files without the affected user's intent, resulting in a data integrity issue. * CVE-2025-48384 A line-end handling flaw was found in Git. When writing a config entry, values with a trailing carriage return (CR) are not quoted, resulting in the CR being lost when the config is read later. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read, resulting in the submodule being checked out to an incorrect location. * CVE-2025-48385 A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. Important Copyright 2025 Softline PJSC CVE-2024-50349 CVE-2024-52006 CVE-2025-27613 CVE-2025-27614 CVE-2025-46835 CVE-2025-48384 CVE-2025-48385 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libxml2 library is a development toolbox providing the implementation of various XML standards. * CVE-2025-49794 A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors. * CVE-2025-49796 A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory. * CVE-2025-6021 A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. Important Copyright 2025 Softline PJSC CVE-2025-49794 CVE-2025-49796 CVE-2025-6021 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2022-49846 In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry(). * CVE-2025-21759 In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send(). * CVE-2025-21887 In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up. * CVE-2025-22004 In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send(). * CVE-2025-37799 In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp. Important Copyright 2025 Softline PJSC CVE-2022-49846 CVE-2025-21759 CVE-2025-21887 CVE-2025-22004 CVE-2025-37799 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-21883 A use-after-free vulnerability was discovered in the Linux kernel's Ethernet Connection E800 Series driver, which is responsible for managing network connections. This issue occurs when an attacker with local privileges intentionally triggers this error path, causing an error to occur in the ice_ena_vfs() function, a critical part of this driver. * CVE-2025-21919 In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list. * CVE-2025-22104 In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps. * CVE-2025-23150 In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split. * CVE-2025-37738 A use-after-free vulnerability has been discovered in the Linux kernel, specifically within the ext4_xattr_inode_dec_ref_all function (related to the ext4 filesystem's extended attributes). An attacker could exploit this flaw by providing a specially crafted payload, leading to a denial of service condition that compromises system availability. Moderate Copyright 2025 Softline PJSC CVE-2025-21883 CVE-2025-21919 CVE-2025-22104 CVE-2025-23150 CVE-2025-37738 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Nginx is open-source software that functions as a web server, reverse proxy, load balancer, and HTTP cache. It's known for its high performance, stability, and ability to handle a large number of concurrent connections with minimal resource usage. * CVE-2025-23419 A flaw was found in nginx. When name-based virtual hosts are configured to share the same IP address and port combination with TLS 1.3 and OpenSSL, a previously authenticated attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS session tickets are used, the SSL session cache is used in the default virtual server, and the default virtual server performs client certificate authentication. Moderate Copyright 2025 Softline PJSC CVE-2025-23419 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The microcode_ctl packages provide microcode updates for Intel and AMD processors. Security update * CVE-2024-28956 New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHI_NO, by leveraging in-kernel gadgets (potentially accessible via SECCOMP/cBPF), Branch Target Buffer (BTB) aliasing, and direct-to-indirect branch predictor training. While the root cause lies in CPU architectural behavior, the vulnerability manifests through kernel-level speculation paths, allowing attackers to potentially leak sensitive memory. * CVE-2024-43420 Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2024-45332 Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-20012 Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. * CVE-2025-20623 Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Core™ processors (10th Generation) may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2025-24495 Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access. Bug Fix * Update microcode_ctl to latest upstream [rhel-9.6.z]. * microcode_ctl: From CVEorg collector [rhel-9.6.z] (JIRA:RHEL-91226) * microcode_ctl: From CVEorg collector [rhel-9.6.z] (JIRA:RHEL-91233) * microcode_ctl: From CVEorg collector [rhel-9.6.z] (JIRA:RHEL-91241) Moderate Copyright 2025 Softline PJSC CVE-2024-28956 CVE-2024-43420 CVE-2024-45332 CVE-2025-20012 CVE-2025-20623 CVE-2025-24495 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. * CVE-2024-6174 An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure. Important Copyright 2025 Softline PJSC CVE-2024-6174 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-12718 A flaw was found in CPython's tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter="data" or filter="tar" extraction filters. * CVE-2025-4138 A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to "data" or "tar". * CVE-2025-4330 A flaw was found in CPython's tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall() or TarFile.extract() with the filter="data" or filter="tar" parameters. This issue leads to potentially overwriting or modifying system files and metadata. * CVE-2025-4435 A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms. * CVE-2025-4517 A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to "data" or "tar". Important Copyright 2025 Softline PJSC CVE-2024-12718 CVE-2025-4138 CVE-2025-4330 CVE-2025-4435 CVE-2025-4517 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-12718 A flaw was found in CPython's tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter="data" or filter="tar" extraction filters. * CVE-2025-4138 A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to "data" or "tar". * CVE-2025-4330 A flaw was found in CPython's tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall() or TarFile.extract() with the filter="data" or filter="tar" parameters. This issue leads to potentially overwriting or modifying system files and metadata. * CVE-2025-4435 A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms. * CVE-2025-4517 A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to "data" or "tar". Important Copyright 2025 Softline PJSC CVE-2024-12718 CVE-2025-4138 CVE-2025-4330 CVE-2025-4435 CVE-2025-4517 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-12718 A flaw was found in CPython's tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter="data" or filter="tar" extraction filters. * CVE-2025-4138 A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to "data" or "tar". * CVE-2025-4330 A flaw was found in CPython's tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall() or TarFile.extract() with the filter="data" or filter="tar" parameters. This issue leads to potentially overwriting or modifying system files and metadata. * CVE-2025-4435 A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms. * CVE-2025-4517 A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to "data" or "tar". Important Copyright 2025 Softline PJSC CVE-2024-12718 CVE-2025-4138 CVE-2025-4330 CVE-2025-4435 CVE-2025-4517 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. * CVE-2024-56337 A Time-of-check Time-of-use (TOCTOU) race condition occurs during JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. This vulnerability allows an uploaded file to be treated as a JSP and executed, resulting in remote code execution. * CVE-2025-31650 A flaw was found in Apache Tomcat. This vulnerability allows an application-level denial of service (DoS), causing it to become unresponsive or slow via maliciously crafted HTTP/2 prioritization headers. It performs an incomplete cleanup of failed requests, which triggers a memory leak. Important Copyright 2025 Softline PJSC CVE-2024-56337 CVE-2025-31650 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. * CVE-2025-30749 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability. * CVE-2025-30754 An unspecified vulnerability in Oracle Java SE related to the JSSE component could allow a remote attacker to cause low confidentiality impact and low integrity impact. * CVE-2025-50059 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause high confidentiality impact. * CVE-2025-50106 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability. Important Copyright 2025 Softline PJSC CVE-2025-30749 CVE-2025-30754 CVE-2025-50059 CVE-2025-50106 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. * CVE-2025-30749 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability. * CVE-2025-30754 An unspecified vulnerability in Oracle Java SE related to the JSSE component could allow a remote attacker to cause low confidentiality impact and low integrity impact. * CVE-2025-50059 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause high confidentiality impact. * CVE-2025-50106 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability. Important Copyright 2025 Softline PJSC CVE-2025-30749 CVE-2025-30754 CVE-2025-50059 CVE-2025-50106 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. * CVE-2025-30749 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability. * CVE-2025-30754 An unspecified vulnerability in Oracle Java SE related to the JSSE component could allow a remote attacker to cause low confidentiality impact and low integrity impact. * CVE-2025-50106 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability. * CVE-2025-30761 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK related to the Scripting component could allow a remote attacker to cause high integrity impact. Important Copyright 2025 Softline PJSC CVE-2025-30749 CVE-2025-30754 CVE-2025-30761 CVE-2025-50106 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. * CVE-2025-47273 A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools. Moderate Copyright 2025 Softline PJSC CVE-2025-47273 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-32023 Redis could allow a local authenticated attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in hyperloglog commands. * CVE-2025-48367 Redis is vulnerable to a denial of service, caused by a bad connection error handling. Important Copyright 2025 Softline PJSC CVE-2025-32023 CVE-2025-48367 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-58002 A dangling pointer vulnerability was found in the Linux kernel. When an async control is written, a copy of a pointer is made in the file handle that started the operation. If the user closes that file descriptor, its structure will be freed and there will be one dangling pointer per pending async control that the driver will try to use, leading to denial of service of the system. * CVE-2025-38089 A flaw was found in the Linux kernel, where a specially crafted RPC packet could cause data corruption or trigger a system panic. This flaw allows a remote attacker who can make RPC calls to send an intentionally malformed packet, potentially compromising system integrity or causing a denial of service (DoS). Important Copyright 2025 Softline PJSC CVE-2024-58002 CVE-2025-38089 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other people to chat with, view printers to print with, and find shared files on other computers. * CVE-2024-52615 A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected. Moderate Copyright 2025 Softline PJSC CVE-2024-52615 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-8027 Mozilla Firefox could allow a remote attacker to obtain sensitive information. The JavaScript engine only wrote partial return value to stack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. * CVE-2025-8028 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM br_table instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of the branch address. * CVE-2025-8029 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags. * CVE-2025-8030 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by insufficient escaping in the “Copy as cURL” feature. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-8031 Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by incorrect URL stripping in CSP reports. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-8032 Mozilla Firefox could allow a remote attacker to bypass security restrictions. The XSLT document loading did not correctly propagate the source document which bypassed its CSP. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-8033 Mozilla Firefox is vulnerable to a denial of service, caused by the incorrect JavaScript state machine for generators. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to trigger a NULL pointer dereference error. * CVE-2025-8034 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-8035 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-8027 CVE-2025-8028 CVE-2025-8029 CVE-2025-8030 CVE-2025-8031 CVE-2025-8032 CVE-2025-8033 CVE-2025-8034 CVE-2025-8035 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. * CVE-2025-6965 There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. Important Copyright 2025 Softline PJSC CVE-2025-6965 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. * CVE-2025-6965 There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. Important Copyright 2025 Softline PJSC CVE-2025-6965 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-57980 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path. * CVE-2025-38086 In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during mii_nway_restart. * CVE-2025-21905 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file. * CVE-2025-22085 In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name. * CVE-2025-22091 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow. * CVE-2025-22113 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying. * CVE-2025-22121 In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all(). * CVE-2025-37797 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling. * CVE-2025-37958 In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry. * CVE-2025-38110 In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access. Moderate Copyright 2025 Softline PJSC CVE-2024-57980 CVE-2025-21905 CVE-2025-22085 CVE-2025-22091 CVE-2025-22113 CVE-2025-22121 CVE-2025-37797 CVE-2025-37958 CVE-2025-38086 CVE-2025-38110 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Perl is a high-level programming language that is commonly used for system administration utilities and web programming. * CVE-2025-40909 A flaw was found in the Perl standard library threads component. This vulnerability can allow a local attacker to exploit a race condition in directory handling to access files or load code from unexpected locations. Moderate Copyright 2025 Softline PJSC CVE-2025-40909 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. * CVE-2025-5994 A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS transaction ID with cache non-ECS poisoned replies. Important Copyright 2025 Softline PJSC CVE-2025-5994 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libtpms is a library providing Trusted Platform Module (TPM) functionality for virtual machines. * CVE-2025-49133 A flaw was found in libtpms. A heap buffer overflow can occur in the tpms_parse_pssh function when parsing a malformed Public Signature Key Exchange (PSK) structure. A local attacker can trigger this overflow by providing a crafted PSK structure to the library. This can lead to a denial of service or allow for arbitrary code execution. Moderate Copyright 2025 Softline PJSC CVE-2025-49133 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-43871 In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu(). * CVE-2024-42265 In the Linux kernel, the following vulnerability has been resolved: protect the fetch of ->fd[fd] in do_dup2() from mispredictions. * CVE-2024-38541 A buffer overflow flaw was found in of_modalias() in the Linux kernel, occurring after the first snprintf() call. This issue could result in loss of availability of the system. * CVE-2024-43889 A denial of service vulnerability exists in the Linux kernel. A possible divide-by-0 is in the padata_mt_helper() function when the ps->chunk_size is 0. This vulnerability could result in a loss of system availability. * CVE-2024-44989 In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference. * CVE-2024-50256 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6(). * CVE-2022-48969 In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration. * CVE-2022-48989 In the Linux kernel, the following vulnerability has been resolved: fscache: Fix oops due to race with cookie_lru and use_cookie. * CVE-2022-49006 In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed. * CVE-2022-49014 In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach(). * CVE-2022-49029 In the Linux kernel, the following vulnerability has been resolved: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails. * CVE-2023-52672 In the Linux kernel, the following vulnerability has been resolved: pipe: wakeup wr_wait after setting max_usage. * CVE-2023-52917 In the Linux kernel, the following vulnerability has been resolved: ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir(). * CVE-2024-27008 In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access. * CVE-2024-27398 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout. * CVE-2024-35891 In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Fix potential null pointer dereference. * CVE-2024-35933 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fix null ptr deref in btintel_read_version. * CVE-2024-35934 Linux Kernel is vulnerable to a denial of service, caused by a flaw related to rtnl pressure in smc_pnet_create_pnetids_list(). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-35963 Linux Kernel is vulnerable to a denial of service, caused by improper validation of setsockopt user input. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-35964 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data. * CVE-2024-35965 CVE-2024-35965 is a vulnerability in the Linux kernel's Bluetooth L2CAP implementation, caused by inadequate input length validation in the setsockopt function. This flaw allows overly large user-provided data to be copied into kernel memory, potentially leading to buffer overflows, system instability, or privilege escalation. The issue has been fixed by adding proper checks to ensure data size is within acceptable limits. Users should update their Linux kernel to the patched version to mitigate this risk. * CVE-2024-35966 Linux Kernel is vulnerable to a denial of service, caused by not validating setsockopt user input by the Bluetooth: RFCOMM module. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-35967 This CVE pertains to a vulnerability in the Linux kernel's Bluetooth subsystem, specifically within the SCO (Synchronous Connection-Oriented) protocol. The issue arises from the sco_sock_setsockopt() function, which copies data without properly validating the length of user input. This oversight can lead to a slab-out-of-bounds read, potentially causing system instability or crashes. * CVE-2024-35978 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete(). * CVE-2024-36011 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix potential null-ptr-deref. * CVE-2024-36012 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msft_do_close(). * CVE-2024-36013 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect(). * CVE-2024-36880 Linux Kernel is vulnerable to a denial of service, caused by missing firmware sanity checks. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init(). * CVE-2024-39500 In the Linux kernel, the following vulnerability has been resolved: sock_map: avoid race between sock_map_close and sk_psock_put. * CVE-2024-40956 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list. * CVE-2024-41010 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry. * CVE-2024-41062 In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release. * CVE-2024-42133 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG. * CVE-2024-42253 In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race. * CVE-2024-42278 In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdev_load_calibrated_data(). * CVE-2024-42291 Linux Kernel is vulnerable to a denial of service, caused by a resource exhaustion in ice/ice_ethtool_fdir.c. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-42294 In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sd_remove & sd_release. * CVE-2024-42302 In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal. * CVE-2024-42304 Linux Kernel is vulnerable to a denial of service, caused by a flaw related to the first directory block is a hole. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-42305 Linux Kernel is vulnerable to a denial of service, caused by not checking dot and dotdot of dx_root before making dir indexed. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-42312 Linux Kernel is vulnerable to a denial of service, caused by improper initialization in i_uid/i_gid. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-42315 In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on __exfat_get_dentry_set. * CVE-2024-42316 In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressure_calc_level(). * CVE-2024-42321 Linux Kernel is vulnerable to a denial of service, caused by a flaw in flow_dissector.c. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-43820 Linux Kernel is vulnerable to a denial of service, caused by a flaw in dm-raid.c. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-43821 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix a possible null pointer dereference. * CVE-2024-43823 In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs(). * CVE-2024-43828 In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fast_commit. * CVE-2024-43834 In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of page_pool_destroy(). * CVE-2024-43846 In the Linux kernel, the following vulnerability has been resolved: lib: objagg: Fix general protection fault. * CVE-2024-43853 In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show(). * CVE-2024-43873 In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow. * CVE-2024-43882 In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage. * CVE-2024-43884 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device(). * CVE-2024-43898 Linux Kernel is vulnerable to a denial of service, caused by a Null pointer dereference in ext4_force_shutdown of 'ext4: sanity'. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. * CVE-2024-43910 In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses. * CVE-2024-43914 In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON() while continue reshape after reassembling. * CVE-2024-44931 In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc(). * CVE-2024-44932 In the Linux kernel, the following vulnerability has been resolved: idpf: fix UAFs when destroying the queues. * CVE-2024-44934 In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: wait for previous gc cycles when removing port. * CVE-2024-44952 A vulnerability in the Linux kernel's driver core related to uevent_show() and driver detach has been identified. The issue involved a race condition where uevent_show() attempted to dereference dev->driver->name, leading to a potential deadlock due to improper locking. While this could cause system instability, an attacker would need the ability to manipulate device attributes and timing precisely, making exploitation impractical. * CVE-2024-44958 In the Linux kernel, the following vulnerability has been resolved: sched/smt: Fix unbalance sched_smt_present dec/inc. * CVE-2024-44964 In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leaks and crashes while performing a soft reset. * CVE-2024-44975 In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: fix panic caused by partcmd_update. * CVE-2024-44987 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb(). * CVE-2024-45000 In the Linux kernel, the following vulnerability has been resolved: fs/netfs/fscache_cookie: add missing "n_accesses" check. * CVE-2024-45009 In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement add_addr_accepted for MPJ req. * CVE-2024-45010 In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as available. * CVE-2024-45016 In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails. * CVE-2024-45022 In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0. * CVE-2024-46673 In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure. * CVE-2024-46675 In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: Prevent USB core invalid event buffer address access. * CVE-2024-46711 In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations. * CVE-2024-46722 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning. * CVE-2024-46723 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ucode out-of-bounds read warning. * CVE-2024-46724 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number. * CVE-2024-46725 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write warning. * CVE-2024-46743 In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk. * CVE-2024-46745 In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots. * CVE-2024-46747 In the Linux kernel, the following vulnerability has been resolved: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup. * CVE-2024-46750 In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock(). * CVE-2024-46754 In the Linux kernel, the following vulnerability has been resolved: bpf: Remove tst_run from lwt_seg6local_prog_ops. * CVE-2024-46756 A vulnerability in the Linux kernel's hwmon subsystem (w83627ehf driver) has been identified, where writing large negative values (e.g., -9223372036854775808) to limit attributes caused an underflow due to improper ordering of operations in DIV_ROUND_CLOSEST(). An attacker with write access to these attributes could potentially trigger unexpected behavior or system instability. * CVE-2024-46758 A buffer underrun vulnerability was found in the Linux kernel. DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number, such as -9223372036854775808, is provided by the user, resulting in loss of availability of the system. * CVE-2024-46759 In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes. * CVE-2024-46761 In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv. * CVE-2024-46783 In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg(). * CVE-2024-46786 In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF. * CVE-2024-46787 In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs. * CVE-2024-46800 In the Linux kernel, the following vulnerability has been resolved: sch/netem: fix use after free in netem_dequeue. * CVE-2024-46805 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix the waring dereferencing hive. * CVE-2024-46806 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the warning division or modulo by zero. * CVE-2024-46807 In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: Check tbo resource pointer. * CVE-2024-46819 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbio_v7_4. * CVE-2024-46820 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend. * CVE-2024-46822 In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry. * CVE-2024-46828 In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: fix bulk flow accounting logic for host fairness. * CVE-2024-46835 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix smatch static checker warning. * CVE-2024-46839 A performance issue in the Linux Kernel's workqueue subsystem can cause hard lockups on high-CPU systems during operations like CPU hotplugging. The issue arises from contention when multiple CPUs update the global wq_watchdog_touched variable, leading to degraded performance and lockups in workqueue management routines. * CVE-2024-46853 In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug. * CVE-2024-46864 In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: fix kexec crash due to VP assist page corruption. * CVE-2024-46871 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX. * CVE-2024-47141 In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data. * CVE-2024-47660 In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily. * CVE-2024-47668 In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc(). * CVE-2024-47678 In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits. * CVE-2024-47685 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put(). * CVE-2024-47687 In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy. * CVE-2024-47692 In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0. * CVE-2024-47700 In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well. * CVE-2024-47703 In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value. * CVE-2024-47705 In the Linux kernel, the following vulnerability has been resolved: block: fix potential invalid pointer dereference in blk_add_partition. * CVE-2024-47706 In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain. * CVE-2024-47710 In the Linux kernel, the following vulnerability has been resolved: sock_map: Add a cond_resched() in sock_hash_free(). * CVE-2024-47713 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop(). * CVE-2024-47715 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986. * CVE-2024-47718 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: always wait for both firmware loading attempts. * CVE-2024-47719 In the Linux kernel, the following vulnerability has been resolved: iommufd: Protect against overflow of ALIGN() during iova allocation. * CVE-2024-47737 In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL. * CVE-2024-47738 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either. * CVE-2024-47739 In the Linux kernel, the following vulnerability has been resolved: padata: use integer wrap around to prevent deadlock on seq_nr overflow. * CVE-2024-47745 In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages(). * CVE-2024-47748 In the Linux kernel, the following vulnerability has been resolved: vhost_vdpa: assign irq bypass producer token correctly. * CVE-2024-48873 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR. * CVE-2024-49569 Linux Kernel is vulnerable to a denial of service, caused by a flaw in nvme-rdma. * CVE-2024-49851 In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up TPM space after command failure. * CVE-2024-49856 In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Fix deadlock in SGX NUMA node search. * CVE-2024-49860 In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method. * CVE-2024-49862 In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: Fix off by one in get_rpi(). * CVE-2024-49870 In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix dentry leak in cachefiles_open_file(). * CVE-2024-49875 In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to nfserr_io to avoid warning. * CVE-2024-49878 In the Linux kernel, the following vulnerability has been resolved: resource: fix region_intersects() vs add_memory_driver_managed(). * CVE-2024-49881 In the Linux kernel, the following vulnerability has been resolved: ext4: update orig_path in ext4_find_extent(). * CVE-2024-49882 In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse() the buffer of the extents path. * CVE-2024-49883 In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent(). * CVE-2024-49884 In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at(). * CVE-2024-49885 In the Linux kernel, the following vulnerability has been resolved: mm, slub: avoid zeroing kmalloc redzone. * CVE-2024-49886 In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug. * CVE-2024-49889 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4_ext_show_leaf(). * CVE-2024-49904 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add list empty check to avoid null pointer issue. * CVE-2024-49927 In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully. * CVE-2024-49928 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid reading out of bounds when loading TX power FW elements. * CVE-2024-49929 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference. * CVE-2024-49930 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats. * CVE-2024-49933 In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts. * CVE-2024-49934 In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name. * CVE-2024-49935 In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin(). * CVE-2024-49937 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Set correct chandef when starting CAC. * CVE-2024-49938 In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit. * CVE-2024-49939 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to add interface to list twice when SER. * CVE-2024-49946 In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in ppp_channel_bridge_input(). * CVE-2024-49948 In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init(). * CVE-2024-49950 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2cap_connect. * CVE-2024-49951 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed. * CVE-2024-49954 In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON() in static_call_module_notify(). * CVE-2024-49959 In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error. * CVE-2024-49960 In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount. * CVE-2024-49962 In the Linux kernel, the following vulnerability has been resolved: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package(). * CVE-2024-49967 In the Linux kernel, the following vulnerability has been resolved: ext4: no need to continue when the number of entries is 1. * CVE-2024-49968 In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without casefold feature cannot be mounted with siphash. * CVE-2024-49971 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase array size of dummy_boolean. * CVE-2024-49973 In the Linux kernel, the following vulnerability has been resolved: r8169: add tally counter fields added with RTL8125. * CVE-2024-49974 In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations. * CVE-2024-49975 In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "[uprobes]" vma. * CVE-2024-49977 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error when disabling tc cbs. * CVE-2024-49983 In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free. * CVE-2024-49991 In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer. * CVE-2024-49993 A vulnerability has been identified in the Linux kernel's IOMMU (iommu/vt-d) subsystem, where calling qi_submit_sync() with zero invalidation descriptors could lead to a soft lockup due to misinterpreted descriptor statuses. An attacker with control over IOMMU operations could potentially trigger a deadlock, causing system instability. * CVE-2024-49994 In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD. * CVE-2024-49995 A string buffer over-run was found in the Linux kernel. Copying media_name and if_name to name_parts may overwrite the destination, resulting in a software crash. * CVE-2024-49999 In the Linux kernel, the following vulnerability has been resolved: afs: Fix the setting of the server responding flag. * CVE-2024-50002 In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module(). * CVE-2024-50006 In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate(). * CVE-2024-50008 In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext(). * CVE-2024-50009 In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value. * CVE-2024-50013 In the Linux kernel, the following vulnerability has been resolved: exfat: fix memory leak in exfat_load_bitmap(). * CVE-2024-50014 In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path. * CVE-2024-50015 In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing. * CVE-2024-50018 A vulnerability has been identified in the Linux kernel's networking (net: napi) subsystem, where an integer overflow in napi_defer_hard_irqs allowed writing values exceeding S32_MAX, causing unintended negative values. This could lead to unexpected behavior in NAPI IRQ deferral, potentially impacting network performance. An attacker with sysfs write access could exploit this to manipulate IRQ handling inconsistently. * CVE-2024-50019 In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread. * CVE-2024-50022 In the Linux kernel, the following vulnerability has been resolved: device-dax: correct pgoff align in dax_set_mapping(). * CVE-2024-50023 In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs list on unregister. * CVE-2024-50024 In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list. * CVE-2024-50027 In the Linux kernel, the following vulnerability has been resolved: thermal: core: Free tzp copy along with the thermal zone. * CVE-2024-50028 In the Linux kernel, the following vulnerability has been resolved: thermal: core: Reference count the zone in thermal_zone_get_by_id(). * CVE-2024-50029 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync. * CVE-2024-50033 In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets. * CVE-2024-50035 In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access. * CVE-2024-50038 In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed. * CVE-2024-50039 In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCA_STAB only for root qdisc. * CVE-2024-50044 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change. * CVE-2024-50046 In the Linux kernel, the following vulnerability has been resolved: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies(). * CVE-2024-50047 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption. * CVE-2024-50055 In the Linux kernel, the following vulnerability has been resolved: driver core: bus: Fix double free in driver API bus_register(). * CVE-2024-50057 In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested before. * CVE-2024-50058 In the Linux kernel, the following vulnerability has been resolved: serial: protect uart_port_dtr_rts() in uart_shutdown() too. * CVE-2024-50064 In the Linux kernel, the following vulnerability has been resolved: zram: free secondary algorithms names. * CVE-2024-50067 In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args. * CVE-2024-50073 In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux. * CVE-2024-50074 In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access. * CVE-2024-50075 In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number. * CVE-2024-50077 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix multiple init when debugfs is disabled. * CVE-2024-50078 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Call iso_exit() on module unload. * CVE-2024-50081 In the Linux kernel, the following vulnerability has been resolved: blk-mq: setup queue ->tag_set before initializing hctx. * CVE-2024-50082 In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race. * CVE-2024-50093 In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload. * CVE-2024-50101 In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices. * CVE-2024-50102 In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue. * CVE-2024-50106 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid. * CVE-2024-50107 In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses. * CVE-2024-50109 In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10_size(). * CVE-2024-50117 In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method. * CVE-2024-50120 In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords. * CVE-2024-50121 In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net. * CVE-2024-50126 In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump(). * CVE-2024-50127 In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change(). * CVE-2024-50128 In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy. * CVE-2024-50130 In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace. * CVE-2024-50141 In the Linux kernel, the following vulnerability has been resolved: ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context. * CVE-2024-50143 In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad. * CVE-2024-50150 In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent. * CVE-2024-50151 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request. * CVE-2024-50152 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix possible double free in smb2_set_ea(). * CVE-2024-50153 In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in target_alloc_device(). * CVE-2024-50162 In the Linux kernel, the following vulnerability has been resolved: bpf: devmap: provide rxq after redirect. * CVE-2024-50163 In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap. * CVE-2024-50169 In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb(). * CVE-2024-50182 In the Linux kernel, the following vulnerability has been resolved: secretmem: disable memfd_secret() if arch cannot set direct map. * CVE-2024-50186 In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf->create fails. * CVE-2024-50189 In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent(). * CVE-2024-50191 In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SB_RDONLY after filesystem errors. * CVE-2024-50197 In the Linux kernel, the following vulnerability has been resolved: pinctrl: intel: platform: fix error path in device_for_each_child_node(). * CVE-2024-50199 Linux Kernel is vulnerable to a denial of service, caused by a flaw in mm/swapfile. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-50200 Linux Kernel is vulnerable to a denial of service, caused by a flaw in maple_tree. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. * CVE-2024-50201 In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix encoder->possible_clones. * CVE-2024-50215 In the Linux kernel, the following vulnerability has been resolved: nvmet-auth: assign dh_key to NULL after kfree_sensitive. * CVE-2024-50216 In the Linux kernel, the following vulnerability has been resolved: xfs: fix finding a last resort AG in xfs_filestream_pick_ag. * CVE-2024-50219 A vulnerability in the Linux kernel's memory management (mm/page_alloc) has been identified, where GFP_ATOMIC order-0 allocations could fail under memory pressure, despite available highatomic reserves. This issue caused packet loss in high-performance networking environments, as observed on Cloudflare's fleet. An attacker could theoretically exploit this by inducing high memory contention, potentially impacting real-time operations. However, since the fix ensures proper fallback behavior without introducing a security risk, the issue has been rejected as a CVE. * CVE-2024-50228 A vulnerability was identified in the Linux kernel’s shmem subsystem, where a data race in shmem_getattr() could cause inconsistent inode timestamps due to concurrent access by generic_fillattr() and operations like shmem_unlink() or shmem_mknod(). This issue, detected by Kernel Concurrency Sanitizer (KCSAN), could lead to unexpected behavior when retrieving file attributes. An attacker could potentially exploit this by triggering rapid file operations to induce race conditions, causing unpredictable system responses. * CVE-2024-50235 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear wdev->cqm_config pointer on free. * CVE-2024-50236 In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx. * CVE-2024-50237 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower. * CVE-2024-50261 In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet. * CVE-2024-50271 In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic. * CVE-2024-50272 In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read(). * CVE-2024-50278 In the Linux kernel, the following vulnerability has been resolved: dm cache: fix potential out-of-bounds access on the first resume. * CVE-2024-50282 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read(). * CVE-2024-50299 In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb(). * CVE-2024-50304 In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find(). * CVE-2024-53042 In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow(). * CVE-2024-53044 In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext(). * CVE-2024-53047 In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcu_read_lock. * CVE-2024-53050 In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in hdcp2_get_capability. * CVE-2024-53051 In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability. * CVE-2024-53055 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction. * CVE-2024-53057 In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT. * CVE-2024-53059 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd(). * CVE-2024-53060 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported. * CVE-2024-53070 In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended. * CVE-2024-53072 In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available. * CVE-2024-53074 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't leak a link on AP removal. * CVE-2024-53082 In the Linux kernel, the following vulnerability has been resolved: virtio_net: Add hash_key_length check. * CVE-2024-53085 In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first. * CVE-2024-53091 In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx. * CVE-2024-53093 In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning. * CVE-2024-53095 In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after-free of network namespace. * CVE-2024-53096 In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region() error path behaviour. * CVE-2024-53097 In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fix MTE false alarm in __do_krealloc. * CVE-2024-53103 In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer. * CVE-2024-53105 In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare(). * CVE-2024-53110 In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix id_table array not null terminated error. * CVE-2024-53117 In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Improve MSG_ZEROCOPY error handling. * CVE-2024-53118 In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak. * CVE-2024-53120 In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow. * CVE-2024-53121 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active. * CVE-2024-53123 In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect. * CVE-2024-53124 In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc. * CVE-2024-53134 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx93-blk-ctrl: correct remove path. * CVE-2024-53136 In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()". * CVE-2024-53142 In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun. * CVE-2024-53146 In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. * CVE-2024-53152 In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert(). * CVE-2024-53156 In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service(). * CVE-2024-53160 In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu. * CVE-2024-53161 In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow. * CVE-2024-53164 In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment. * CVE-2024-53166 In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth(). * CVE-2024-53173 In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open(). * CVE-2024-53174 In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cache_show. * CVE-2024-53190 A deadlock condition exists in the Linux kernel. During the probe of rtl8192cu, the driver ends-up performing an refuse read procedure and the read_efuse() function calls read_efuse_byte() based on the efuse size. * CVE-2024-53194 In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove. * CVE-2024-53203 In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsi_ccg_sync_control(). * CVE-2024-53208 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync. * CVE-2024-53213 In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation. * CVE-2024-53222 In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in comp_algorithm_show(). * CVE-2024-53224 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration. * CVE-2024-53237 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix use-after-free in device_for_each_child(). * CVE-2024-53681 In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn. * CVE-2024-54460 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in iso_listen_bis. * CVE-2024-54680 A vulnerability was suspected in the Linux kernel's SMB client module related to TCP timers and potential deadlocks after module removal (rmmod cifs). The issue stemmed from incorrect manual manipulation of sk->sk_net_refcnt, which led to TCP timers not being properly cleared, causing lockdep warnings and deadlocks. However, this was an internal kernel misconfiguration affecting cleanup behavior rather than a security flaw exploitable by an attacker. Since no privilege escalation or data exposure was possible, this does not qualify as a security vulnerability. * CVE-2024-56535 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg(). * CVE-2024-56544 In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc. * CVE-2024-56551 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free. * CVE-2024-56558 In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svc_export_show. * CVE-2024-56562 A vulnerability was found in the i3c_master_put_i3c_addrs() function in the Linux kernel's i3c driver. A memory management issue can occur due to a copy-paste error between "dyn_addr" and "init_dyn_addr", which leads to incorrect handling of memory, potentially causing resource mismanagement and instability within the system. * CVE-2024-56566 A use-after-free list corruption vulnerability was found in the Linux kernel. If an allocated object fails in alloc_consistency_checks, all objects of the slab will be marked as used and the slab will be removed from the partial list. When an object belonging to the slab gets freed later, the remove_full() function is called. Since the slab is neither on the partial list nor on the full list, it eventually leads to a list corruption. * CVE-2024-56570 In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function. * CVE-2024-56590 A use-after-free vulnerability was found in the Linux kernel. The Bluetooth firmware isn't checked if skb contains an ACL header, otherwise the code may attempt to access some uninitialized or invalid memory past the valid skb->data. * CVE-2024-56591 A flaw was found in the Bluetooth subsystem of the Linux kernel, in the handling of delayed work within the hci_conn (Host Controller Interface connection) structure. The kernel used cancel_delayed_work_sync() when shutting down a connection, which cancels ongoing work but allows rescheduling. This could result in use-after-free conditions if the work is resubmitted after the associated object has been freed. Replacing it with disable_delayed_work_sync() prevents further scheduling, ensuring proper cleanup. A local attacker could potentially exploit this to trigger a use-after-free, leading to a denial of service or possible code execution. * CVE-2024-56600 In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create(). * CVE-2024-56601 In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create(). * CVE-2024-56602 In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create(). * CVE-2024-56604 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc(). * CVE-2024-56605 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create(). * CVE-2024-56611 In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM. * CVE-2024-56614 In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements. * CVE-2024-56616 In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check. * CVE-2024-56623 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload. * CVE-2024-56631 In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release(). * CVE-2024-56642 In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). * CVE-2024-56644 Linux Kernel is vulnerable to a denial of service, caused by a dst objects leak in ip6_negative_advice() when executed for an expired IPv6 route located in the exception table. * CVE-2024-56647 In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering ip_rt_bug. * CVE-2024-56653 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtk_process_coredump. * CVE-2024-56654 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating. * CVE-2024-56663 In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one. * CVE-2024-56664 In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close(). * CVE-2024-56667 In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine. * CVE-2024-56688 In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport. * CVE-2024-56693 In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds. * CVE-2024-56729 In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops. * CVE-2024-56757 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect. * CVE-2024-56760 In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully. * CVE-2024-56779 In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur. * CVE-2024-56783 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level. * CVE-2024-57798 In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req(). * CVE-2024-57809 A flaw was found in the PCI-imx6 module in the Linux kernel. The suspend/resume support is missing in the i.MX6QDL platforms, allowing certain drivers, such as ath10k and iwlwifi, to crash after resuming, causing a kernel hang and a denial of service. * CVE-2024-57843 In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnet_rq_alloc. * CVE-2024-57879 Linux Kernel is vulnerable to a denial of service, caused by a flaw related to hci_get_route holds the device before returning in Bluetooth. * CVE-2024-57884 In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite. * CVE-2024-57888 In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker. * CVE-2024-57890 In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue. * CVE-2024-57894 A vulnerability was identified in the Linux kernel's Bluetooth: hci_core package, where a sleeping function (mutex_lock) was improperly invoked from an invalid context within the HCI event handling workqueue, potentially leading to kernel warnings or deadlocks. An attacker exploiting this flaw could trigger crafted Bluetooth events or malformed packets to indirectly cause system instability or denial of service through workqueue execution paths. * CVE-2024-57898 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up. * CVE-2024-57929 In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dm_array_cursor_end. * CVE-2024-57931 In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions. * CVE-2024-57940 In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir(). * CVE-2024-58009 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc. * CVE-2024-58064 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap(). * CVE-2024-58099 In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame. * CVE-2025-1272 The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned modules can be loaded, leading to execution of untrusted code breaking breaking any Secure Boot protection. This vulnerability affects only Fedora Linux. * CVE-2025-21646 In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length. * CVE-2025-21663 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree. * CVE-2025-21666 In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]. * CVE-2025-21668 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition. * CVE-2025-21669 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes. * CVE-2025-21689 In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb(). * CVE-2025-21694 In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore. Moderate Copyright 2025 Softline PJSC CVE-2022-48969 CVE-2022-48989 CVE-2022-49006 CVE-2022-49014 CVE-2022-49029 CVE-2023-52672 CVE-2023-52917 CVE-2024-27008 CVE-2024-27398 CVE-2024-35891 CVE-2024-35933 CVE-2024-35934 CVE-2024-35963 CVE-2024-35964 CVE-2024-35965 CVE-2024-35966 CVE-2024-35967 CVE-2024-35978 CVE-2024-36011 CVE-2024-36012 CVE-2024-36013 CVE-2024-36880 CVE-2024-36968 CVE-2024-38541 CVE-2024-39500 CVE-2024-40956 CVE-2024-41010 CVE-2024-41062 CVE-2024-42133 CVE-2024-42253 CVE-2024-42265 CVE-2024-42278 CVE-2024-42291 CVE-2024-42294 CVE-2024-42302 CVE-2024-42304 CVE-2024-42305 CVE-2024-42312 CVE-2024-42315 CVE-2024-42316 CVE-2024-42321 CVE-2024-43820 CVE-2024-43821 CVE-2024-43823 CVE-2024-43828 CVE-2024-43834 CVE-2024-43846 CVE-2024-43853 CVE-2024-43871 CVE-2024-43873 CVE-2024-43882 CVE-2024-43884 CVE-2024-43889 CVE-2024-43898 CVE-2024-43910 CVE-2024-43914 CVE-2024-44931 CVE-2024-44932 CVE-2024-44934 CVE-2024-44952 CVE-2024-44958 CVE-2024-44964 CVE-2024-44975 CVE-2024-44987 CVE-2024-44989 CVE-2024-45000 CVE-2024-45009 CVE-2024-45010 CVE-2024-45016 CVE-2024-45022 CVE-2024-46673 CVE-2024-46675 CVE-2024-46711 CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725 CVE-2024-46743 CVE-2024-46745 CVE-2024-46747 CVE-2024-46750 CVE-2024-46754 CVE-2024-46756 CVE-2024-46758 CVE-2024-46759 CVE-2024-46761 CVE-2024-46783 CVE-2024-46786 CVE-2024-46787 CVE-2024-46800 CVE-2024-46805 CVE-2024-46806 CVE-2024-46807 CVE-2024-46819 CVE-2024-46820 CVE-2024-46822 CVE-2024-46828 CVE-2024-46835 CVE-2024-46839 CVE-2024-46853 CVE-2024-46864 CVE-2024-46871 CVE-2024-47141 CVE-2024-47660 CVE-2024-47668 CVE-2024-47678 CVE-2024-47685 CVE-2024-47687 CVE-2024-47692 CVE-2024-47700 CVE-2024-47703 CVE-2024-47705 CVE-2024-47706 CVE-2024-47710 CVE-2024-47713 CVE-2024-47715 CVE-2024-47718 CVE-2024-47719 CVE-2024-47737 CVE-2024-47738 CVE-2024-47739 CVE-2024-47745 CVE-2024-47748 CVE-2024-48873 CVE-2024-49569 CVE-2024-49851 CVE-2024-49856 CVE-2024-49860 CVE-2024-49862 CVE-2024-49870 CVE-2024-49875 CVE-2024-49878 CVE-2024-49881 CVE-2024-49882 CVE-2024-49883 CVE-2024-49884 CVE-2024-49885 CVE-2024-49886 CVE-2024-49889 CVE-2024-49904 CVE-2024-49927 CVE-2024-49928 CVE-2024-49929 CVE-2024-49930 CVE-2024-49933 CVE-2024-49934 CVE-2024-49935 CVE-2024-49937 CVE-2024-49938 CVE-2024-49939 CVE-2024-49946 CVE-2024-49948 CVE-2024-49950 CVE-2024-49951 CVE-2024-49954 CVE-2024-49959 CVE-2024-49960 CVE-2024-49962 CVE-2024-49967 CVE-2024-49968 CVE-2024-49971 CVE-2024-49973 CVE-2024-49974 CVE-2024-49975 CVE-2024-49977 CVE-2024-49983 CVE-2024-49991 CVE-2024-49993 CVE-2024-49994 CVE-2024-49995 CVE-2024-49999 CVE-2024-50002 CVE-2024-50006 CVE-2024-50008 CVE-2024-50009 CVE-2024-50013 CVE-2024-50014 CVE-2024-50015 CVE-2024-50018 CVE-2024-50019 CVE-2024-50022 CVE-2024-50023 CVE-2024-50024 CVE-2024-50027 CVE-2024-50028 CVE-2024-50029 CVE-2024-50033 CVE-2024-50035 CVE-2024-50038 CVE-2024-50039 CVE-2024-50044 CVE-2024-50046 CVE-2024-50047 CVE-2024-50055 CVE-2024-50057 CVE-2024-50058 CVE-2024-50064 CVE-2024-50067 CVE-2024-50073 CVE-2024-50074 CVE-2024-50075 CVE-2024-50077 CVE-2024-50078 CVE-2024-50081 CVE-2024-50082 CVE-2024-50093 CVE-2024-50101 CVE-2024-50102 CVE-2024-50106 CVE-2024-50107 CVE-2024-50109 CVE-2024-50117 CVE-2024-50120 CVE-2024-50121 CVE-2024-50126 CVE-2024-50127 CVE-2024-50128 CVE-2024-50130 CVE-2024-50141 CVE-2024-50143 CVE-2024-50150 CVE-2024-50151 CVE-2024-50152 CVE-2024-50153 CVE-2024-50162 CVE-2024-50163 CVE-2024-50169 CVE-2024-50182 CVE-2024-50186 CVE-2024-50189 CVE-2024-50191 CVE-2024-50197 CVE-2024-50199 CVE-2024-50200 CVE-2024-50201 CVE-2024-50215 CVE-2024-50216 CVE-2024-50219 CVE-2024-50228 CVE-2024-50235 CVE-2024-50236 CVE-2024-50237 CVE-2024-50256 CVE-2024-50261 CVE-2024-50271 CVE-2024-50272 CVE-2024-50278 CVE-2024-50282 CVE-2024-50299 CVE-2024-50304 CVE-2024-53042 CVE-2024-53044 CVE-2024-53047 CVE-2024-53050 CVE-2024-53051 CVE-2024-53055 CVE-2024-53057 CVE-2024-53059 CVE-2024-53060 CVE-2024-53070 CVE-2024-53072 CVE-2024-53074 CVE-2024-53082 CVE-2024-53085 CVE-2024-53091 CVE-2024-53093 CVE-2024-53095 CVE-2024-53096 CVE-2024-53097 CVE-2024-53103 CVE-2024-53105 CVE-2024-53110 CVE-2024-53117 CVE-2024-53118 CVE-2024-53120 CVE-2024-53121 CVE-2024-53123 CVE-2024-53124 CVE-2024-53134 CVE-2024-53136 CVE-2024-53142 CVE-2024-53146 CVE-2024-53152 CVE-2024-53156 CVE-2024-53160 CVE-2024-53161 CVE-2024-53164 CVE-2024-53166 CVE-2024-53173 CVE-2024-53174 CVE-2024-53190 CVE-2024-53194 CVE-2024-53203 CVE-2024-53208 CVE-2024-53213 CVE-2024-53222 CVE-2024-53224 CVE-2024-53237 CVE-2024-53681 CVE-2024-54460 CVE-2024-54680 CVE-2024-56535 CVE-2024-56544 CVE-2024-56551 CVE-2024-56558 CVE-2024-56562 CVE-2024-56566 CVE-2024-56570 CVE-2024-56590 CVE-2024-56591 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56604 CVE-2024-56605 CVE-2024-56611 CVE-2024-56614 CVE-2024-56616 CVE-2024-56623 CVE-2024-56631 CVE-2024-56642 CVE-2024-56644 CVE-2024-56647 CVE-2024-56653 CVE-2024-56654 CVE-2024-56663 CVE-2024-56664 CVE-2024-56667 CVE-2024-56688 CVE-2024-56693 CVE-2024-56729 CVE-2024-56757 CVE-2024-56760 CVE-2024-56779 CVE-2024-56783 CVE-2024-57798 CVE-2024-57809 CVE-2024-57843 CVE-2024-57879 CVE-2024-57884 CVE-2024-57888 CVE-2024-57890 CVE-2024-57894 CVE-2024-57898 CVE-2024-57929 CVE-2024-57931 CVE-2024-57940 CVE-2024-58009 CVE-2024-58064 CVE-2024-58099 CVE-2025-1272 CVE-2025-21646 CVE-2025-21663 CVE-2025-21666 CVE-2025-21668 CVE-2025-21669 CVE-2025-21689 CVE-2025-21694 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-8027 Mozilla Firefox could allow a remote attacker to obtain sensitive information. The JavaScript engine only wrote partial return value to stack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. * CVE-2025-8028 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On arm64, a WASM br_table instruction with a large number of entries could lead to the label being too far from the instruction, causing truncation and incorrect computation of the branch address. * CVE-2025-8029 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox executed javascript: URLs when used in object and embed tags. * CVE-2025-8030 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by insufficient escaping in the “Copy as cURL” feature. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-8031 Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by incorrect URL stripping in CSP reports. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-8032 Mozilla Firefox could allow a remote attacker to bypass security restrictions. The XSLT document loading did not correctly propagate the source document which bypassed its CSP. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-8033 Mozilla Firefox is vulnerable to a denial of service, caused by the incorrect JavaScript state machine for generators. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to trigger a NULL pointer dereference error. * CVE-2025-8034 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-8035 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-8027 CVE-2025-8028 CVE-2025-8029 CVE-2025-8030 CVE-2025-8031 CVE-2025-8032 CVE-2025-8033 CVE-2025-8034 CVE-2025-8035 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. * CVE-2025-5222 A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. Moderate Copyright 2025 Softline PJSC CVE-2025-5222 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Core part of Jackson that defines Streaming API as well as basic shared abstractions. * CVE-2025-52999 A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a Stack overflow Error can occur. Important Copyright 2025 Softline PJSC CVE-2025-52999 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-32023 Redis could allow a local authenticated attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in hyperloglog commands. * CVE-2025-48367 Redis is vulnerable to a denial of service, caused by a bad connection error handling. * CVE-2025-27151 Redis is vulnerable to a denial of service, caused by a stack-based buffer overflow in redis-check-aof due to the use of memcpy with strlen(filepath) when copying a user-supplied file path into a fixed-size stack buffer. This allows an attacker to overflow the stack and possibly achieve code execution. Important Copyright 2025 Softline PJSC CVE-2025-27151 CVE-2025-32023 CVE-2025-48367 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libxml2 library is a development toolbox providing the implementation of various XML standards. * CVE-2025-7425 A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption. Important Copyright 2025 Softline PJSC CVE-2025-7425 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. * CVE-2025-7345 A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution. Moderate Copyright 2025 Softline PJSC CVE-2025-7345 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 ModSecurity is an open source intrusion detection and prevention engine for web applications. * CVE-2025-48866 A denial of service flaw was found in ModSecurity. This vulnerability is present in the sanitiseArg/sanitizeArg function can be overloaded with a large number of arguments which will lead to excessive memory usage when processing json values. This may lead to a denial of service in the affected web server should memory limits be exceeded. Moderate Copyright 2025 Softline PJSC CVE-2025-48866 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Collector with the supported components for a Red Hat build of OpenTelemetry * CVE-2025-22871 The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Moderate Copyright 2025 Softline PJSC CVE-2025-22871 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-47273 A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools. Moderate Copyright 2025 Softline PJSC CVE-2025-47273 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2022-49788 In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram(). * CVE-2025-21727 In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder. * CVE-2025-21928 In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove(). * CVE-2025-21929 In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove(). * CVE-2025-21962 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option. * CVE-2025-22020 In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove. * CVE-2025-37890 A use-after-free vulnerability has been identified in the Linux kernel's HFSC (Hierarchical Fair Service Curve) queuing discipline when it is configured with NETEM (Network Emulation) as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state. Exploitation of this vulnerability requires local access with CAP_NET_ADMIN privileges and control over the qdisc (queueing discipline) setup. A local attacker could leverage this flaw to achieve denial of service or escalate privileges. Given that it affects kernel memory structures, successful exploitation could result in memory corruption, data leaks, or arbitrary write capabilities, leading to a full kernel crash. * CVE-2025-38052 In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free. * CVE-2025-38087 In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier. Important Copyright 2025 Softline PJSC CVE-2022-49788 CVE-2025-21727 CVE-2025-21928 CVE-2025-21929 CVE-2025-21962 CVE-2025-22020 CVE-2025-37890 CVE-2025-38052 CVE-2025-38087 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Qt 3D provides functionality for near-realtime simulation systems with support for 2D and 3D rendering in both Qt C++ and Qt Quick applications). * CVE-2025-3158 A flaw has been found in the Open Asset Import Library (assimp). In affected versions, a malformed LWO file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior. * CVE-2025-3159 A flaw has been found in the Open Asset Import Library (assimp). In affected versions, a malformed ASE file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior. Moderate Copyright 2025 Softline PJSC CVE-2025-3158 CVE-2025-3159 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. * CVE-2025-8058 A double-free vulnerability has been discovered in glibc (GNU C Library). This flaw occurs during bracket expression parsing within the regcomp function, specifically when a memory allocation failure takes place. Exploitation of a double-free vulnerability can lead to memory corruption, which could enable an attacker to achieve arbitrary code execution or a denial of service condition. Moderate Copyright 2025 Softline PJSC CVE-2025-8058 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The ncurses (new curses) library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. * CVE-2022-29458 GNU ncurses could allow a local attacker to bypass security restrictions, caused by an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass authentication and obtain access. Low Copyright 2025 Softline PJSC CVE-2022-29458 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-47081 A flaw was found in the Requests HTTP library. This vulnerability allows leakage of .netrc credentials to third parties via maliciously crafted URLs that exploit a URL parsing issue. Moderate Copyright 2025 Softline PJSC CVE-2024-47081 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libxml2 library is a development toolbox providing the implementation of various XML standards. * CVE-2025-32414 In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters. * CVE-2025-32415 A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2025-32414 CVE-2025-32415 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-38079 In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept. * CVE-2025-38292 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory. Moderate Copyright 2025 Softline PJSC CVE-2025-38079 CVE-2025-38292 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-47273 A path traversal vulnerability in the Python setuptools library allows attackers with limited system access to write files outside the intended temporary directory by manipulating package download URLs. This flaw bypasses basic filename sanitization and can lead to unauthorized overwrites of important system files, creating opportunities for further compromise. While it doesn't expose data or require user interaction, it poses a high integrity risk and is especially concerning in environments that rely on automated package handling or internal tooling built on setuptools. Moderate Copyright 2025 Softline PJSC CVE-2025-47273 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. * CVE-2025-23266 A flaw was found in the NVIDIA Container Toolkit. This vulnerability allows execution of arbitrary code with elevated permissions via improperly secured container initialization hooks. This can potentially lead to privilege escalation, data tampering, information disclosure, and denial of service. Important Copyright 2025 Softline PJSC CVE-2025-23266 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2025-31273 A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. * CVE-2025-31278 A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling * CVE-2025-43211 A flaw was found in WebKitGTK. Processing malicious web content can cause a denial of service due to improper memory handling. * CVE-2025-43212 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. * CVE-2025-43216 A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash. * CVE-2025-43227 A flaw was found in WebKitGTK. Processing malicious web content can disclose sensitive user information due to improper state management. * CVE-2025-43240 A flaw was found in WebKitGTK. A malicious website can cause the origin of a download to be incorrectly associated with the wrong site due to improper checks, allowing an attacker to trick a user into downloading a malicious file. * CVE-2025-43265 A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper input validation, resulting in the disclosure of the internal states of the application. * CVE-2025-6558 A flaw was found in the libANGLE library. An improper input validation can cause undefined behavior when a specially crafted webpage is visited, potentially resulting in code execution. Important Copyright 2025 Softline PJSC CVE-2025-31273 CVE-2025-31278 CVE-2025-43211 CVE-2025-43212 CVE-2025-43216 CVE-2025-43227 CVE-2025-43240 CVE-2025-43265 CVE-2025-6558 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. * CVE-2022-24130 A buffer-overflow vulnerability was found in xterm's set_sixel() function in the 'graphics_sixel.c' file. This flaw allows an attacker to trigger a buffer overflow via crafted text when the sixel-graphics functionality is enabled. This issue causes xterm to crash, affecting the availability of an application, leading to a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2022-24130 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The golang packages provide the Go programming language compiler. * CVE-2025-4674 A flaw was found in cmd/go. The go command can execute arbitrary commands when processing untrusted version control system (VCS) repositories containing malicious configuration. This issue occurs because the command interprets VCS metadata, potentially leading to unintended command execution. This vulnerability allows a malicious actor to trigger this by providing a repository with a crafted VCS configuration, resulting in arbitrary code execution within the context of the go process. Important Copyright 2025 Softline PJSC CVE-2025-4674 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-28956 New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHI_NO, by leveraging in-kernel gadgets (potentially accessible via SECCOMP/cBPF), Branch Target Buffer (BTB) aliasing, and direct-to-indirect branch predictor training. While the root cause lies in CPU architectural behavior, the vulnerability manifests through kernel-level speculation paths, allowing attackers to potentially leak sensitive memory. * CVE-2025-38085 In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race. * CVE-2025-38159 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds. * CVE-2025-21867 In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type(). * CVE-2025-38084 In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: unshare page tables during VMA split, not before. * CVE-2025-38124 A denial of service vulnerability has been discovered in the Linux kernel's UDP Generic Segmentation Offload (GSO) functionality. This flaw allows a local, unprivileged user to trigger a kernel crash by generating UDP packets with a specially malformed frag_list geometry. Successful exploitation of this vulnerability could lead to a system crash, severely impacting the availability and stability of the affected system. * CVE-2025-38250 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush(). * CVE-2025-38380 In the Linux kernel, the following vulnerability has been resolved: i2c/designware: Fix an initialization issue. * CVE-2025-38471 In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock. Important Copyright 2025 Softline PJSC CVE-2024-28956 CVE-2025-21867 CVE-2025-38084 CVE-2025-38085 CVE-2025-38124 CVE-2025-38159 CVE-2025-38250 CVE-2025-38380 CVE-2025-38471 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. * CVE-2025-48988 A denial-of-service (DoS) vulnerability has been identified in Apache Tomcat, concerning its handling of upload limits. A remote attacker could exploit this flaw by sending a specially crafted request containing an excessively large number of multipart sections. This malicious request can trigger excessive memory consumption on the Tomcat server, ultimately leading to resource exhaustion and a denial-of-service condition. * CVE-2025-48989 A flaw was found in Apache Tomcat where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS). * CVE-2025-49125 A flaw has been discovered in path handling logic in Apache Tomcat. When using either PreResources or PostResources mounted on a non-root path, it is possible to access resources via an unexpected path. This may result in leaking of files on those paths. * CVE-2025-52434 A denial of service flaw was found in Apache Tomcat. A race condition during connection closure could trigger a JVM crash when using the APR/Native connector, leading to a denial of service. This issue was particularly noticeable with client-initiated closures of HTTP/2 connections. * CVE-2025-52520 A denial of service flaw was found in Apache Tomcat. For some unlikely configurations of multipart upload, an integer overflow vulnerability may lead to a denial of service via bypassing size limits. * CVE-2025-53506 A denial of service flaw was found in Apache Tomcat. An uncontrolled resource consumption vulnerability, where an HTTP/2 client fails to acknowledge the initial settings frame that reduces the maximum permitted concurrent streams, could result in a denial of service. * CVE-2025-48976 A denial-of-service (DoS) vulnerability has been discovered in the Apache Commons FileUpload library. The flaw stems from insufficient limits placed on multipart headers during file uploads. A remote attacker could exploit this by sending a specially crafted request with an excessively large number of multipart headers. This malicious input can lead to uncontrolled memory consumption within applications utilizing the library, exhausting system resources and causing a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-48976 CVE-2025-48988 CVE-2025-48989 CVE-2025-49125 CVE-2025-52434 CVE-2025-52520 CVE-2025-53506 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. * CVE-2025-5914 A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. Important Copyright 2025 Softline PJSC CVE-2025-5914 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-9179 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. * CVE-2025-9180 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Graphics: Canvas2D component. * CVE-2025-9181 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the JavaScript Engine component. * CVE-2025-9182 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to out-of-memory in the Graphics: WebRender component. * CVE-2025-9185 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs are present in the following versions: Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141, and Thunderbird 141. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code. Important Copyright 2025 Softline PJSC CVE-2025-9179 CVE-2025-9180 CVE-2025-9181 CVE-2025-9182 CVE-2025-9185 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2025-8714 A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pg_dump, pg_dumpall, and pg_restore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to untrusted data inclusion. * CVE-2025-8715 A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pg_dump, pg_dumpall, pg_restore, and pg_upgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are restored by psql due to an improper neutralization of newlines. Important Copyright 2025 Softline PJSC CVE-2025-8714 CVE-2025-8715 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2025-8714 A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pg_dump, pg_dumpall, and pg_restore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to untrusted data inclusion. * CVE-2025-8715 A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pg_dump, pg_dumpall, pg_restore, and pg_upgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are restored by psql due to an improper neutralization of newlines. Important Copyright 2025 Softline PJSC CVE-2025-8714 CVE-2025-8715 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 PostgreSQL is an advanced object-relational database management system (DBMS). * CVE-2025-8714 A flaw was found in PostgreSQL. This vulnerability allows a malicious superuser on a PostgreSQL server to inject arbitrary code into dump files created by pg_dump, pg_dumpall, and pg_restore, causing arbitrary code execution on the client machine when these dump files are restored by psql due to untrusted data inclusion. * CVE-2025-8715 A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pg_dump, pg_dumpall, pg_restore, and pg_upgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are restored by psql due to an improper neutralization of newlines. Important Copyright 2025 Softline PJSC CVE-2025-8714 CVE-2025-8715 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-9179 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker is able to perform memory corruption in the GMP process which process encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. * CVE-2025-9180 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Graphics: Canvas2D component. * CVE-2025-9181 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the JavaScript Engine component. * CVE-2025-9182 A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to out-of-memory in the Graphics: WebRender component. * CVE-2025-9185 A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs are present in the following versions: Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141, and Thunderbird 141. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code. Important Copyright 2025 Softline PJSC CVE-2025-9179 CVE-2025-9180 CVE-2025-9181 CVE-2025-9182 CVE-2025-9185 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Advanced Intrusion Detection Environment (AIDE) is a utility that creates a database of files on the system, and then uses that database to ensure file integrity and detect system intrusions. * CVE-2025-54389 A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files. Additionally, the output of extended attribute key names and symbolic links targets is also not properly neutralized. Important Copyright 2025 Softline PJSC CVE-2025-54389 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-37914 A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system instability, or a crash. * CVE-2025-22058 A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SO_RCVBUF socket option to its maximum value (INT_MAX), which triggers an integer overflow within the udp_rmem_release() function during socket closure. The udp_destruct_common() purges its receive queue and sums up skb->truesize in the queue. This total is calculated and stored in a local unsigned integer variable. The total size is then passed to udp_rmem_release() to adjust memory accounting. Due to the function taking a signed integer argument, the total size can wrap around, causing a memory overflow condition, potentially leading to system instability. * CVE-2025-38417 In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario. Important Copyright 2025 Softline PJSC CVE-2025-22058 CVE-2025-37914 CVE-2025-38417 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. * CVE-2024-47252 A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in mod_ssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files. * CVE-2025-23048 An access control bypass vulnerability was found in Apache httpd. The Apache HTTP Server with some mod_ssl configurations can bypass the access controls by trusted clients using TLS 1.3 session resumption. A client trusted to access one virtual host may be able to access another if SSLStrictSNIVHostCheck is not enabled on either host. * CVE-2025-49812 An HTTP session hijacking flaw was found in Apache httpd. In some mod_ssl configurations on Apache HTTP Server, an HTTP desynchronization attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Moderate Copyright 2025 Softline PJSC CVE-2024-47252 CVE-2025-23048 CVE-2025-49812 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. * CVE-2025-8067 A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users. Important Copyright 2025 Softline PJSC CVE-2025-8067 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-8194 A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module. Moderate Copyright 2025 Softline PJSC CVE-2025-8194 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-38200 In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw. * CVE-2025-37823 In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too. * CVE-2025-38211 In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction. * CVE-2025-38350 A use-after-free (UAF) vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper (CBS) qdisc implementation (sch_cbs). The vulnerability occurs because the CBS qdisc's reset function (qdisc_reset_queue()) only resets its internal queue but fails to reset its child qdisc recursively. As a result, a mismatch in queue length (qlen) occurs between CBS and its children during interface resets, eventually allowing attackers to trigger UAF on a parent HFSC scheduler. * CVE-2025-38461 In the Linux kernel, the following vulnerability has been resolved: vsock: Transport assignment may race with module unload. * CVE-2025-38464 In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close(). * CVE-2025-38500 In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collect_md. Important Copyright 2025 Softline PJSC CVE-2025-37823 CVE-2025-38200 CVE-2025-38211 CVE-2025-38350 CVE-2025-38461 CVE-2025-38464 CVE-2025-38500 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-8194 A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module. Moderate Copyright 2025 Softline PJSC CVE-2025-8194 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-8194 A flaw was found in the Python tarfile module. Processing a specially crafted tar archive, specifically an archive with negative offsets, can cause an infinite loop and deadlock. This issue results in a denial of service in the Python application using the tarfile module. Moderate Copyright 2025 Softline PJSC CVE-2025-8194 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. * CVE-2025-49630 An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the mod_proxy_http2 module, which likely results in an Apache HTTP server crash or denial of service (DoS). Moderate Copyright 2025 Softline PJSC CVE-2025-49630 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication. * CVE-2025-6020 A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. * CVE-2025-8941 A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. Important Copyright 2025 Softline PJSC CVE-2025-6020 CVE-2025-8941 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-38550 In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: аn IPv6 MLD bookkeeping bug freed pmc->idev before it was used in ip6_mc_clear_src(), causing a use-after-free in the multicast code path. A remote attacker on the same L2 segment could potentially trigger a kernel crash via crafted MLD activity, leading to DoS. Moderate Copyright 2025 Softline PJSC CVE-2025-38550 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-37803 In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation. * CVE-2025-38392 In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock. Important Copyright 2025 Softline PJSC CVE-2025-37803 CVE-2025-38392 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2024-26130 A flaw was discovered in python-cryptography. A NULL pointer dereference can be triggered when a PKCS#12 key and certificate do not match. Specifically, if the pkcs12.serialize_key_and_certificates function is called with a non-matching certificate and private key and an encryption algorithm with hmac_hash set, the Python process may crash, leading to a denial of service. Important Copyright 2025 Softline PJSC CVE-2024-26130 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-22097 In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error. If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and it might double free it. * CVE-2025-38332 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy() for BIOS version. * CVE-2025-38352 A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handle_posix_cpu_timers() may run concurrently with posix_cpu_timer_del() on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their privileges on a system. * CVE-2025-38449 In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers. Important Copyright 2025 Softline PJSC CVE-2025-22097 CVE-2025-38332 CVE-2025-38352 CVE-2025-38449 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. * CVE-2025-58060 A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize() function, the password is not checked. This vulnerability allows attackers to bypass authentication entirely, resulting in unauthorized access to administrative functions and system configuration. * CVE-2025-58364 OpenPrinting CUPS is vulnerable to a denial of service, caused by a NULL pointer dereferences flaw due to an unsafe deserialization and validation of printer attributes. Important Copyright 2025 Softline PJSC CVE-2025-58060 CVE-2025-58364 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Important Copyright 2025 Softline PJSC CVE-2025-9566 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2023-49083 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6. Moderate Copyright 2025 Softline PJSC CVE-2023-49083 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Collector with the supported components for a Red Hat build of OpenTelemetry * CVE-2025-4673 A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect responses, unintentionally exposing authentication details to unauthorized parties. Moderate Copyright 2025 Softline PJSC CVE-2025-4673 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: * CVE-2025-32988 A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior. * CVE-2025-32989 A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly. * CVE-2025-32990 A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. * CVE-2025-6395 A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). Bug Fixes and Enhancements: * gnutls: Vulnerability in GnuTLS certtool template parsing. * gnutls: Vulnerability in GnuTLS SCT extension parsing. * gnutls: Vulnerability in GnuTLS otherName SAN export. * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite(). Moderate Copyright 2025 Softline PJSC CVE-2025-32988 CVE-2025-32989 CVE-2025-32990 CVE-2025-6395 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-10527 firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component. * CVE-2025-10528 firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. * CVE-2025-10529 irefox: thunderbird: Same-origin policy bypass in the Layout component. * CVE-2025-10532 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component. * CVE-2025-10533 firefox: thunderbird: Integer overflow in the SVG component. * CVE-2025-10536 firefox: thunderbird: Information disclosure in the Networking: Cache component. * CVE-2025-10537 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Important Copyright 2025 Softline PJSC CVE-2025-10527 CVE-2025-10528 CVE-2025-10529 CVE-2025-10532 CVE-2025-10533 CVE-2025-10536 CVE-2025-10537 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. * CVE-2025-21574 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21575 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21577 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21579 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21580 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21581 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21584 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21585 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30681 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2025-30682 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30683 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30684 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30685 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30687 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30688 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30689 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30693 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-30695 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-30696 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30699 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30703 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-30704 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30705 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30715 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30721 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30722 Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. * CVE-2025-50077 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50078 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50079 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50080 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50081 Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. * CVE-2025-50082 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50083 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50084 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50085 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-50086 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50087 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. * CVE-2025-50088 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50091 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50092 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50093 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50094 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.42, 8.4.5 and 9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50096 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50097 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50098 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2025-50099 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50100 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2025-50101 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50102 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50104 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2025-53023 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.42. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. Moderate Copyright 2025 Softline PJSC CVE-2025-21574 CVE-2025-21575 CVE-2025-21577 CVE-2025-21579 CVE-2025-21580 CVE-2025-21581 CVE-2025-21584 CVE-2025-21585 CVE-2025-30681 CVE-2025-30682 CVE-2025-30683 CVE-2025-30684 CVE-2025-30685 CVE-2025-30687 CVE-2025-30688 CVE-2025-30689 CVE-2025-30693 CVE-2025-30695 CVE-2025-30696 CVE-2025-30699 CVE-2025-30703 CVE-2025-30704 CVE-2025-30705 CVE-2025-30715 CVE-2025-30721 CVE-2025-30722 CVE-2025-50077 CVE-2025-50078 CVE-2025-50079 CVE-2025-50080 CVE-2025-50081 CVE-2025-50082 CVE-2025-50083 CVE-2025-50084 CVE-2025-50085 CVE-2025-50086 CVE-2025-50087 CVE-2025-50088 CVE-2025-50091 CVE-2025-50092 CVE-2025-50093 CVE-2025-50094 CVE-2025-50096 CVE-2025-50097 CVE-2025-50098 CVE-2025-50099 CVE-2025-50100 CVE-2025-50101 CVE-2025-50102 CVE-2025-50104 CVE-2025-53023 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. * CVE-2024-13176 A timing side-channel vulnerability was found in OpenSSL. This vulnerability allows an attacker to recover the private key. However, measuring the timing would require local access to the signing application or a fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This issue can happen with significant probability only for some of the supported elliptic curves. In particular, the NIST P-521 curve is affected. * CVE-2025-5399 Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS libcurl-using application. * CVE-2025-21574 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21575 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21577 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21579 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21580 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21581 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21584 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21585 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-21588 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30681 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2025-30682 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30683 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30684 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30685 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30687 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30688 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30689 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30693 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-30695 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-30696 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30699 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30703 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-30704 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30705 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30715 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30721 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-30722 Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. * CVE-2025-50077 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50078 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50079 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50080 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50081 Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. * CVE-2025-50082 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50083 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50084 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50085 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. * CVE-2025-50086 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50087 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. * CVE-2025-50088 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50091 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50092 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50093 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50094 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.42, 8.4.5 and 9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50096 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50097 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50098 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2025-50099 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50100 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. * CVE-2025-50101 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50102 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. * CVE-2025-50104 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. Moderate Copyright 2025 Softline PJSC CVE-2024-13176 CVE-2025-21574 CVE-2025-21575 CVE-2025-21577 CVE-2025-21579 CVE-2025-21580 CVE-2025-21581 CVE-2025-21584 CVE-2025-21585 CVE-2025-21588 CVE-2025-30681 CVE-2025-30682 CVE-2025-30683 CVE-2025-30684 CVE-2025-30685 CVE-2025-30687 CVE-2025-30688 CVE-2025-30689 CVE-2025-30693 CVE-2025-30695 CVE-2025-30696 CVE-2025-30699 CVE-2025-30703 CVE-2025-30704 CVE-2025-30705 CVE-2025-30715 CVE-2025-30721 CVE-2025-30722 CVE-2025-50077 CVE-2025-50078 CVE-2025-50079 CVE-2025-50080 CVE-2025-50081 CVE-2025-50082 CVE-2025-50083 CVE-2025-50084 CVE-2025-50085 CVE-2025-50086 CVE-2025-50087 CVE-2025-50088 CVE-2025-50091 CVE-2025-50092 CVE-2025-50093 CVE-2025-50094 CVE-2025-50096 CVE-2025-50097 CVE-2025-50098 CVE-2025-50099 CVE-2025-50100 CVE-2025-50101 CVE-2025-50102 CVE-2025-50104 CVE-2025-5399 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security update: * CVE-2024-36350 A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. Bug Fixes and Enhancements: * Update linux-firmware to latest upstream [rhel-9.6.z]. Moderate Copyright 2025 Softline PJSC CVE-2024-36350 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 INFEBA-2025:0001: msvsphere-configs bug fix and enhancement update (Important) Bug Fix(es) and Enhancement(s): * Fixing the inability to update via gnome-software Important Copyright 2025 Softline PJSC cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-10527 firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component. * CVE-2025-10528 firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. * CVE-2025-10529 irefox: thunderbird: Same-origin policy bypass in the Layout component. * CVE-2025-10532 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component. * CVE-2025-10533 firefox: thunderbird: Integer overflow in the SVG component. * CVE-2025-10536 firefox: thunderbird: Information disclosure in the Networking: Cache component. * CVE-2025-10537 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Important Copyright 2025 Softline PJSC CVE-2025-10527 CVE-2025-10528 CVE-2025-10529 CVE-2025-10532 CVE-2025-10533 CVE-2025-10536 CVE-2025-10537 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The command-line-assistant package provides a simple wrapper to interact with RAG. * CVE-2025-5962 A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or inject arbitrary history entries, including misleading or malicious commands. This can be used to deceive another user into executing harmful actions, posing a risk of privilege misuse or unauthorized command execution through social engineering. Moderate Copyright 2025 Softline PJSC CVE-2025-5962 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2023-53125 In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network stack will leak kernel memory contents. * CVE-2025-37810 In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length. * CVE-2025-38498 In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts. * CVE-2025-39694 In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix SCCB present check. Moderate Copyright 2025 Softline PJSC CVE-2023-53125 CVE-2025-37810 CVE-2025-38498 CVE-2025-39694 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. - CVE-2025-40300 "x86/vmscape: Enable the mitigation" - CVE-2025-40300 "x86/vmscape: Add conditional IBPB mitigation" - CVE-2024-47704 "drm/amd/display: Check link_res->hpo_dp_link_enc before using it" - CVE-2025-38502 "bpf: Fix oob access in cgroup local storage" - CVE-2025-37931 "btrfs: adjust subpage bit start based on sectorsize" - CVE-2025-39843 "mm: slub: avoid wake up kswapd in set_track_prepare" - CVE-2024-57924 "fs: relax assertions on failure to encode file handles" - CVE-2025-39838 "cifs: prevent NULL pointer dereference in UTF16 conversion" - CVE-2025-39839 "batman-adv: fix OOB read/write in network-coding decode" - CVE-2025-39841 "scsi: lpfc: Fix buffer free/clear order in deferred receive path" - CVE-2025-39842 "ocfs2: prevent release journal inode after journal shutdown" - CVE-2025-39844 "mm: move page table sync declarations to linux/pgtable.h" - CVE-2025-39845 "x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings()" - CVE-2025-39846 "pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()" - CVE-2025-39847 "ppp: fix memory leak in pad_compress_skb" - CVE-2025-39848 "ax25: properly unshare skbs in ax25_kiss_rcv()" - CVE-2025-39849 "wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()" - CVE-2025-39853 "i40e: Fix potential invalid access when MAC list is empty" - CVE-2025-39857 "net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync()" - CVE-2025-39860 "Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()" - CVE-2025-39864 "wifi: cfg80211: fix use-after-free in cmp_bss()" - CVE-2025-39865 "tee: fix NULL pointer dereference in tee_shm_put" - CVE-2025-39866 "fs: writeback: fix use-after-free in __mark_inode_dirty()" Important Copyright 2025 Softline PJSC CVE-2024-47704 CVE-2024-57924 CVE-2025-37931 CVE-2025-38502 CVE-2025-39838 CVE-2025-39839 CVE-2025-39841 CVE-2025-39842 CVE-2025-39843 CVE-2025-39844 CVE-2025-39845 CVE-2025-39846 CVE-2025-39847 CVE-2025-39848 CVE-2025-39849 CVE-2025-39853 CVE-2025-39857 CVE-2025-39860 CVE-2025-39864 CVE-2025-39865 CVE-2025-39866 CVE-2025-40300 CVE-2025-40300 CVE-2025-40300 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-38472 The vulnerability in nf_conntrack can be triggered by an unprivileged user under typical configurations where user and network namespaces are available (e.g., via unshare or CLONE_NEWNET). This enables the user to initiate Netfilter-based networking operations (such as NAT or connection tracking) even if the system had no prior active conntrack entries. Since exploitation does not require elevated privileges beyond what is granted in the default namespace setup with CAP_NET_RAW or similar, the Privileges Required (PR) is assessed as Low. The primary attack vector is remote-triggered packets from user-controlled namespaces that cause conntrack allocation and destruction races, leading to a potential kernel panic. * CVE-2025-38527 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break. * CVE-2025-38718 A flaw in the SCTP receive path failed to linearize cloned GSO sk_buffs before accessing fraglists, leading to reads of uninitialized memory as reported by KMSAN. An attacker sending SCTP traffic can trigger incorrect processing and potentially cause a kernel denial of service on the target under specific RX conditions. Stream Control Transmission Protocol (SCTP) is a transport-layer protocol (like TCP or UDP) primarily used in telecom signaling and some specialized applications. On most Linux systems it is disabled by default, and remote connectivity is only possible if SCTP support is enabled and listening services are configured (commonly using the IANA-assigned port 2905/tcp for M3UA or other protocol-specific ports). Therefore, the vulnerability is only exploitable when SCTP is enabled and reachable on the target system. Although KMSAN reports this issue as use of uninitialized memory (which deterministically crashes with KMSAN enabled), on production kernels the impact is still availability-related. * CVE-2025-39682 A logic bug in the kTLS receive path mishandles zero-length records taken from the rx_list, allowing a mixed record-type sequence to slip past the per-recvmsg() type constraint and proceed to data processing. The fix initializes and checks the per-call content type (using 0 as “unset”) and bails out when a non-DATA record is encountered after DATA. This can be remotely triggered only when kernel TLS (CONFIG_TLS with the TLS ULP) is in use. This issue can only be triggered when the kernel TLS ULP (kTLS, enabled via CONFIG_TLS and attached to TCP sockets with SOL_TLS) is in use. * CVE-2025-39698 A flaw in io_uring’s futex path freed io_futex_data on error but left req->async_data and the REQ_F_ASYNC_DATA flag inconsistent, creating a window for use-after-free. This issue is reachable by any unprivileged local user via io_uring futex operations. The most plausible impact is denial of service, since the freed structure is small and not directly attacker-controlled, making exploitation for privilege escalation very unlikely. Still, as with any use-after-free in kernel space, a worst-case impact would be privileges escalation. Moderate Copyright 2025 Softline PJSC CVE-2025-38472 CVE-2025-38527 CVE-2025-38718 CVE-2025-39682 CVE-2025-39698 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. * CVE-2025-7493 A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA still does not validate the root@REALM canonical name, which can also be used as the realm administrator's name. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration. Important Copyright 2025 Softline PJSC CVE-2025-7493 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C. * CVE-2025-40928 A flaw was found in the JSON-XS Perl module. A buffer overflow can be triggered due to an integer overflow when a specially crafted JSON input is processed, causing a segmentation fault, crashing the application using the module and resulting in a denial of service. Moderate Copyright 2025 Softline PJSC CVE-2025-40928 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2024-50301 In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission. * CVE-2025-38351 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush. * CVE-2025-39761 n the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Decrement TID on RX peer frag setup error handling. Moderate Copyright 2025 Softline PJSC CVE-2024-50301 CVE-2025-38351 CVE-2025-39761 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. * CVE-2025-41244 A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine (VM) could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries from writable paths such as /tmp. Exploitation requires the open-vm-tools-sdmp package to be installed and guest service discovery to be enabled. Important Copyright 2025 Softline PJSC CVE-2025-41244 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Chromium is an open-source web browser, powered by WebKit (Blink) * CVE-2025-10890 Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) * CVE-2025-10891 Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) * CVE-2025-10892 Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Important Copyright 2025 Softline PJSC CVE-2025-10890 CVE-2025-10891 CVE-2025-10892 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The iputils packages contain basic utilities for monitoring a network, including ping. * CVE-2025-48964 An integer overflow flaw has been discovered in the ping function within the iputils package. This overflow may allow an attacker to craft an ECHO reply which can prevent iputils from operating normally. Moderate Copyright 2025 Softline PJSC CVE-2025-48964 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. * CVE-2024-6174 An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure. Important Copyright 2025 Softline PJSC cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Vim (Vi IMproved) is an updated and improved version of the vi editor. * CVE-2025-53905 A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. * CVE-2025-53906 A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. Moderate Copyright 2025 Softline PJSC CVE-2025-53905 CVE-2025-53906 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-38556 In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits. * CVE-2023-53373 The flaw is in the seqiv IV generator and can lead to a use-after-free when backlogged crypto requests return -EBUSY. Triggering it is easier locally by flooding the kernel crypto API (e.g. via AF_ALG or many concurrent AEAD requests) because the attacker must create backlog conditions. Remote triggering is much harder and only realistic for specific configurations (for example an in-kernel IPsec/TLS path that uses seqiv for AEAD). In practice this means an unprivileged local user with access to the kernel crypto interface is the most likely threat vector, while a remote attacker would need the target to both use seqiv and be inducible into heavy crypto backlog. * CVE-2025-38614 A local unprivileged user can trigger this issue by creating deeply nested chains of epoll file descriptors using the standard epoll_create and epoll_ctl syscalls. No special capabilities or elevated rights are required — any user with the ability to open file descriptors can exploit it. This can lead to excessive kernel stack usage and ultimately a denial of service (system crash). * CVE-2025-39757 In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors. Moderate Copyright 2025 Softline PJSC CVE-2023-53373 CVE-2025-38556 CVE-2025-38614 CVE-2025-39757 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. * CVE-2025-5318 A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior. Moderate Copyright 2025 Softline PJSC CVE-2025-5318 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-11708 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in MediaTrackGraphImpl::GetInstance(). By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-11709 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read/write in a privileged process triggered by WebGL textures. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-11710 Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by the leaking of cross-process information due to malicious IPC messages. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. * CVE-2025-11711 Mozilla Firefox could allow a remote attacker to bypass security restrictions. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to modify some non-writable Object properties. * CVE-2025-11712 A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header. * CVE-2025-11714 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-11715 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-11708 CVE-2025-11709 CVE-2025-11710 CVE-2025-11711 CVE-2025-11712 CVE-2025-11714 CVE-2025-11715 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime 8.0.21. * CVE-2025-55247 A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operations. * CVE-2025-55248 A flaw exists in certain .NET builds where a man-in-the-middle (MITM) attacker can prevent or downgrade TLS between a client and an SMTP server. This may cause the client to send credentials or message data over an unencrypted connection, exposing sensitive information to the attacker. * CVE-2025-55315 A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended forwarding of request data. Important Copyright 2025 Softline PJSC CVE-2025-55247 CVE-2025-55248 CVE-2025-55315 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.111 and .NET Runtime 9.0.10. * CVE-2025-55247 A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operations. * CVE-2025-55248 A flaw exists in certain .NET builds where a man-in-the-middle (MITM) attacker can prevent or downgrade TLS between a client and an SMTP server. This may cause the client to send credentials or message data over an unencrypted connection, exposing sensitive information to the attacker. * CVE-2025-55315 A flaw was found in ASP.NET Core’s HTTP request handling that leads to inconsistent interpretation of specially crafted HTTP requests. This mismatch can be abused by an authorized network attacker to smuggle or manipulate request boundaries, allowing bypass of security controls or unintended forwarding of request data. Important Copyright 2025 Softline PJSC CVE-2025-55247 CVE-2025-55248 CVE-2025-55315 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2025-43272 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. * CVE-2025-43342 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper checks. * CVE-2025-43356 A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches. * CVE-2025-43368 A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash. * CVE-2025-43343 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Important Copyright 2025 Softline PJSC CVE-2025-43272 CVE-2025-43342 CVE-2025-43343 CVE-2025-43356 CVE-2025-43368 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Enhancement(s): * Update linux-firmware to latest upstream rhel-9.6.z. Security Fix(es): * CVE-2024-36357 A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries. Moderate Copyright 2025 Softline PJSC CVE-2024-36357 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Bug Fix(es): * Since the 8.8 release and the 9.2 release, OpenJDK 8 has used a single build repackaged for each major OS release. With this release, this same build is now also used by the following older releases: 8.2, 8.4, 8.6, and 9.0. On OS v. 8.2, this means that OpenJDK's FIPS mode will now be enabled by default when the system is in FIPS mode. Security Fix(es): * CVE-2025-53057 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE related to the Security component could allow a remote attacker to cause no confidentiality impact, high integrity impact, and no availability impact. * CVE-2025-53066 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability impact. Moderate Copyright 2025 Softline PJSC CVE-2025-53057 CVE-2025-53066 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Thunderbird is a standalone mail and newsgroup client. * CVE-2025-11708 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in MediaTrackGraphImpl::GetInstance(). By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-11709 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read/write in a privileged process triggered by WebGL textures. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-11710 Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by the leaking of cross-process information due to malicious IPC messages. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. * CVE-2025-11711 Mozilla Firefox could allow a remote attacker to bypass security restrictions. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to modify some non-writable Object properties. * CVE-2025-11712 A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header. * CVE-2025-11714 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-11715 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-11708 CVE-2025-11709 CVE-2025-11710 CVE-2025-11711 CVE-2025-11712 CVE-2025-11714 CVE-2025-11715 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2022-50087 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails. * CVE-2025-22026 In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svc_proc_register(). * CVE-2025-38566 A remotely reachable flaw in the SUNRPC NFS-over-TLS server could allow a client to trigger a kernel crash by sending a crafted TLS alert. The issue lies in how the kernel processes TLS control messages, which can lead to use-after-free or invalid memory accesses during alert handling. * CVE-2025-38571 In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts. * CVE-2025-39817 In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare. * CVE-2025-39841 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path. * CVE-2025-39849 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result(). Moderate Copyright 2025 Softline PJSC CVE-2022-50087 CVE-2025-22026 CVE-2025-38566 CVE-2025-38571 CVE-2025-39817 CVE-2025-39841 CVE-2025-39849 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. * CVE-2025-53057 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE related to the Security component could allow a remote attacker to cause no confidentiality impact, high integrity impact, and no availability impact. * CVE-2025-53066 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability impact. * CVE-2025-61748 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE related to the Libraries component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability impact. Moderate Copyright 2025 Softline PJSC CVE-2025-53057 CVE-2025-53066 CVE-2025-61748 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fix(es): * CVE-2025-53057 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE related to the Security component could allow a remote attacker to cause no confidentiality impact, high integrity impact, and no availability impact. * CVE-2025-53066 An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability impact. Bug Fix(es): * Since the 8.8 release and the 9.2 release, OpenJDK 17 has used a single build repackaged for each major OS release. With this release, this same build is now also used by the following older releases: 8.4, 8.6 and 9.0. Moderate Copyright 2025 Softline PJSC CVE-2025-53057 CVE-2025-53066 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-46817 Redis could allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution. * CVE-2025-46818 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. * CVE-2025-46819 Redis could allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. * CVE-2025-49844 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. Important Copyright 2025 Softline PJSC CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 CVE-2025-49844 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The LibTIFF packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. * CVE-2025-9900 A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user. * CVE-2025-8176 LibTIFF could allow a local authenticated attacker to execute arbitrary code on the system, caused by an use-after-free in function get_histogram of the file tools/tiffmedian.c. Important Copyright 2025 Softline PJSC CVE-2025-8176 CVE-2025-9900 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-39730 A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system. * CVE-2025-39751 In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control. * CVE-2023-53331 In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init. * CVE-2025-39718 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skb_put(). * CVE-2025-39819 In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fix inconsistent refcnt update. Moderate Copyright 2025 Softline PJSC CVE-2023-53331 CVE-2025-39718 CVE-2025-39730 CVE-2025-39751 CVE-2025-39819 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-46817 Redis could allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution. * CVE-2025-46818 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. * CVE-2025-46819 Redis could allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. * CVE-2025-49844 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. Important Copyright 2025 Softline PJSC CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 CVE-2025-49844 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libsoup packages provide an HTTP client and server library for GNOME. * CVE-2025-11021 A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup. * CVE-2025-4945 A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines. Important Copyright 2025 Softline PJSC CVE-2025-11021 CVE-2025-4945 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. * CVE-2025-27144 A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of . characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Moderate Copyright 2025 Softline PJSC CVE-2025-27144 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. * CVE-2025-62229 A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. * CVE-2025-62230 A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. * CVE-2025-62231 A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. Moderate Copyright 2025 Softline PJSC CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Qt 3D provides functionality for near-realtime simulation systems with support for 2D and 3D rendering in both Qt C++ and Qt Quick applications). * CVE-2025-11277 Open Asset Import Library (assimp) is vulnerable to a denial of service, caused by a heap-based buffer-overflow in Q3DImporter::InternReadFile. Moderate Copyright 2025 Softline PJSC CVE-2025-11277 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2022-50367 In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy. * CVE-2023-53494 A use-after-free in the XTS skcipher template where -EBUSY from the crypto backend (with MAY_BACKLOG) was not treated like -EINPROGRESS, causing request data to be freed while still referenced. Impact is kernel memory corruption (high integrity/availability impact). * CVE-2025-39702 Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by timing attack in MAC comparison. Moderate Copyright 2025 Softline PJSC CVE-2022-50367 CVE-2023-53494 CVE-2025-39702 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. * CVE-2025-62229 A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. * CVE-2025-62230 A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. * CVE-2025-62231 A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. Moderate Copyright 2025 Softline PJSC CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. * CVE-2025-59830 An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service). * CVE-2025-61770 Rack::Multipart::Parser buffers the entire multipart preamble (bytes before the first boundary) in memory without any size limit. A client can send a large preamble followed by a valid boundary, causing significant memory use and potential process termination due to out-of-memory (OOM) conditions. * CVE-2025-61771 Rack::Multipart::Parser stores non-file form fields (parts without a `filename`) entirely in memory as Ruby `String` objects. A single large text field in a multipart/form-data request (hundreds of megabytes or more) can consume equivalent process memory, potentially leading to out-of-memory (OOM) conditions and denial of service (DoS). Attackers can send large non-file fields to trigger excessive memory usage. Impact scales with request size and concurrency, potentially leading to worker crashes or severe garbage-collection overhead. * CVE-2025-61772 Rack::Multipart::Parser can accumulate unbounded data when a multipart part’s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS). Attackers can send incomplete multipart headers to trigger high memory use, leading to process termination (OOM) or severe slowdown. The effect scales with request size limits and concurrency. * CVE-2025-61919 A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size. Important Copyright 2025 Softline PJSC CVE-2025-59830 CVE-2025-61770 CVE-2025-61771 CVE-2025-61772 CVE-2025-61919 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. * CVE-2025-62229 A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. * CVE-2025-62230 A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. * CVE-2025-62231 A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. Important Copyright 2025 Softline PJSC CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. * CVE-2025-31133 A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instead bind-mount the symlink target read-write. * CVE-2025-52565 A flaw exploits an issue in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console. * CVE-2025-52881 A flaw was found in runc. This is a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. Important Copyright 2025 Softline PJSC CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. * CVE-2025-11230 A flaw was found in haproxy. A stemming from an inefficient algorithmic complexity issue within its bundled mjson parsing library. This vulnerability is triggered when haproxy is configured to analyze JSON content, such as with the json_query or jwt_payload_query function Important Copyright 2025 Softline PJSC CVE-2025-11230 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2025-52881 A flaw was found in runc. This is a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. Important Copyright 2025 Softline PJSC CVE-2025-52881 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-46817 Redis could allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution. * CVE-2025-46818 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. * CVE-2025-46819 Redis could allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. * CVE-2025-49844 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. Important Copyright 2025 Softline PJSC CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 CVE-2025-49844 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Qt 3D provides functionality for near-realtime simulation systems with support for 2D and 3D rendering in both Qt C++ and Qt Quick applications). * CVE-2025-11277 Open Asset Import Library (assimp) is vulnerable to a denial of service, caused by a heap-based buffer-overflow in Q3DImporter::InternReadFile. Moderate Copyright 2025 Softline PJSC CVE-2025-11277 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. * CVE-2025-62229 A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. * CVE-2025-62230 A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. * CVE-2025-62231 A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. Moderate Copyright 2025 Softline PJSC CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Xwayland is an X server for running X clients under Wayland. * CVE-2025-62229 A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. * CVE-2025-62230 A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. * CVE-2025-62231 A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. Moderate Copyright 2025 Softline PJSC CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The libsoup packages provide an HTTP client and server library for GNOME. * CVE-2025-11021 A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup. * CVE-2025-4945 A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines. Important Copyright 2025 Softline PJSC CVE-2025-11021 CVE-2025-4945 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. * CVE-2025-62229 A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. * CVE-2025-62230 A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. * CVE-2025-62231 A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. Important Copyright 2025 Softline PJSC CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. * CVE-2025-5318 A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior. Moderate Copyright 2025 Softline PJSC CVE-2025-5318 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Vim (Vi IMproved) is an updated and improved version of the vi editor. * CVE-2025-53905 A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. * CVE-2025-53906 A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. Moderate Copyright 2025 Softline PJSC CVE-2025-53905 CVE-2025-53906 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. * CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. Important Copyright 2025 Softline PJSC CVE-2025-11561 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. * CVE-2025-6965 There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. Important Copyright 2025 Softline PJSC CVE-2025-6965 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. * CVE-2025-7493 A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA still does not validate the root@REALM canonical name, which can also be used as the realm administrator's name. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration. Important Copyright 2025 Softline PJSC CVE-2025-7493 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. * CVE-2025-46817 Redis could allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution. * CVE-2025-46818 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. * CVE-2025-46819 Redis could allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. * CVE-2025-49844 Redis could allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. Important Copyright 2025 Softline PJSC CVE-2025-46817 CVE-2025-46818 CVE-2025-46819 CVE-2025-49844 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. * CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. * CVE-2025-47907 A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application. Important Copyright 2025 Softline PJSC CVE-2025-47907 CVE-2025-9566 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. * CVE-2025-43272 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. * CVE-2025-43342 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper checks. * CVE-2025-43356 A flaw was found in WebKitGTK. A malicious website can obtain access to sensor information without user consent due to improper handling of caches. * CVE-2025-43368 A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash. * CVE-2025-43343 A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Important Copyright 2025 Softline PJSC CVE-2025-43272 CVE-2025-43342 CVE-2025-43343 CVE-2025-43356 CVE-2025-43368 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. * CVE-2025-59088 If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request for a realm matching a DNS zone where they created SRV records pointing to arbitrary ports and hostnames (which may resolve to loopback or internal IP addresses). This vulnerability can be exploited to probe internal network topology and firewall rules, perform port scanning, and exfiltrate data. Deployments where the "use_dns" setting is explicitly set to false are not affected. * CVE-2025-59089 If an attacker causes kdcproxy to connect to an attacker-controlled KDC server (e.g. through server-side request forgery), they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copies the entire buffered stream into a new buffer on each recv() call, even when the transfer is incomplete, causing excessive memory allocation and CPU usage. Additionally, kdcproxy accepts incoming response chunks as long as the received data length is not exactly equal to the length indicated in the response header, even when individual chunks or the total buffer exceed the maximum length of a Kerberos message. This allows an attacker to send unbounded data until the connection timeout is reached (approximately 12 seconds), exhausting server memory or CPU resources. Multiple concurrent requests can cause accept queue overflow, denying service to legitimate clients. Important Copyright 2025 Softline PJSC CVE-2025-59088 CVE-2025-59089 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. * CVE-2025-40778 A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers. * CVE-2025-40780 ISC BIND could allow a remote attacker to poison the DNS cache, caused by a weakness in the Pseudo Random Number Generator (PRNG). An attacker could exploit this vulnerability to predict the source port and query ID that BIND will use. Important Copyright 2025 Softline PJSC CVE-2025-40778 CVE-2025-40780 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. * CVE-2025-40778 A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records (RRs) in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache, redirecting clients to malicious domains or unauthorized servers. * CVE-2025-40780 ISC BIND could allow a remote attacker to poison the DNS cache, caused by a weakness in the Pseudo Random Number Generator (PRNG). An attacker could exploit this vulnerability to predict the source port and query ID that BIND will use. * CVE-2025-8677 ISC BIND is vulnerable to a denial of service, caused by improper DNSKEY handling. By querying for records within a specially crafted zone containing certain malformed DNSKEY records, a remote attacker could exploit this vulnerability to exhaust CPU resources. Important Copyright 2025 Softline PJSC CVE-2025-40778 CVE-2025-40780 CVE-2025-8677 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The LibTIFF packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. * CVE-2025-9900 A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user. * CVE-2025-8176 LibTIFF could allow a local authenticated attacker to execute arbitrary code on the system, caused by an use-after-free in function get_histogram of the file tools/tiffmedian.c. Important Copyright 2025 Softline PJSC CVE-2025-8176 CVE-2025-9900 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime. * CVE-2025-31133 A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instead bind-mount the symlink target read-write. * CVE-2025-52565 A flaw exploits an issue in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console. * CVE-2025-52881 A flaw was found in runc. This is a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. Important Copyright 2025 Softline PJSC CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. * CVE-2025-59830 An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service). * CVE-2025-61770 Rack::Multipart::Parser buffers the entire multipart preamble (bytes before the first boundary) in memory without any size limit. A client can send a large preamble followed by a valid boundary, causing significant memory use and potential process termination due to out-of-memory (OOM) conditions. * CVE-2025-61771 Rack::Multipart::Parser stores non-file form fields (parts without a `filename`) entirely in memory as Ruby `String` objects. A single large text field in a multipart/form-data request (hundreds of megabytes or more) can consume equivalent process memory, potentially leading to out-of-memory (OOM) conditions and denial of service (DoS). Attackers can send large non-file fields to trigger excessive memory usage. Impact scales with request size and concurrency, potentially leading to worker crashes or severe garbage-collection overhead. * CVE-2025-61772 Rack::Multipart::Parser can accumulate unbounded data when a multipart part’s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS). Attackers can send incomplete multipart headers to trigger high memory use, leading to process termination (OOM) or severe slowdown. The effect scales with request size limits and concurrency. * CVE-2025-61919 A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size. Important Copyright 2025 Softline PJSC CVE-2025-59830 CVE-2025-61770 CVE-2025-61771 CVE-2025-61772 CVE-2025-61919 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 VMware Tools is a suite of utilities and drivers that improves the performance and management of a virtual machine (VM) by enhancing communication between the guest operating system and the VMware hypervisor. Installing it resolves issues like low video resolution, jerky mouse movement, and poor performance, enabling features like seamless mouse integration, drag-and-drop file transfer, and dynamic resizing of the display. * CVE-2025-22247 A vulnerability was found in open-vm-tools. A malicious actor with non-administrative privileges on a guest virtual machine (VM) may tamper with the local files to trigger insecure file operations within that VM. Moderate Copyright 2025 Softline PJSC CVE-2025-22247 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. * CVE-2025-9230 OpenSSL could allow a remote attacker to execute arbitrary code or trigger a crash on the system, caused by an out-of-bounds read and write flaw when trying to decrypt CMS messages encrypted using password based encryption. Moderate Copyright 2025 Softline PJSC CVE-2025-9230 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. * CVE-2025-13012 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a race condition in the Graphics component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-13013 Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by a mitigation bypass in the DOM: Core & HTML component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-13014 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the Audio/Video component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. * CVE-2025-13015 Mozilla Firefox could allow a remote attacker to conduct spoofing attacks. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to conduct a spoofing attack. * CVE-2025-13016 Mozilla Firefox is vulnerable to a buffer overflow, caused by an incorrect boundary conditions in the JavaScript: WebAssembly component. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. * CVE-2025-13017 Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by a same-origin policy bypass in the DOM: Notifications component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-13018 Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by a mitigation bypass in the DOM: Security component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-13019 Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by a same-origin policy bypass in the DOM: Workers component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to bypass security restrictions. * CVE-2025-13020 Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebRTC: Audio/Video component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service. Important Copyright 2025 Softline PJSC CVE-2025-13012 CVE-2025-13013 CVE-2025-13014 CVE-2025-13015 CVE-2025-13016 CVE-2025-13017 CVE-2025-13018 CVE-2025-13019 CVE-2025-13020 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2025-38498 In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts. * CVE-2025-38351 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush. * CVE-2025-39697 In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write. * CVE-2025-39881 In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released. * CVE-2025-39971 In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg. * CVE-2025-39982 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync. * CVE-2025-39983 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue. * CVE-2025-40047 In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait(). Moderate Copyright 2025 Softline PJSC CVE-2025-38351 CVE-2025-38498 CVE-2025-39697 CVE-2025-39881 CVE-2025-39971 CVE-2025-39982 CVE-2025-39983 CVE-2025-40047 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. * CVE-2025-47151 A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability. Critical Copyright 2025 Softline PJSC CVE-2025-47151 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. * CVE-2025-62168 A Information Disclosure vulnerability has been identified in the Squid web caching proxy. This flaw occurs when the application fails to properly redact sensitive Hypertext Transfer Protocol (HTTP) authentication credentials from an error response. A remote client can exploit this by triggering an error condition, which allows a malicious script to bypass browser security and disclose the username and password a trusted client uses for access. This directly compromises the security of internal application credentials and security tokens, especially when Squid is configured for backend load balancing. Important Copyright 2025 Softline PJSC CVE-2025-62168 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The kernel packages contain the Linux kernel, the core of any Linux operating system. * CVE-2022-50087 In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails. * CVE-2025-38566 A remotely reachable flaw in the SUNRPC NFS-over-TLS server could allow a client to trigger a kernel crash by sending a crafted TLS alert. The issue lies in how the kernel processes TLS control messages, which can lead to use-after-free or invalid memory accesses during alert handling. * CVE-2023-53373 The flaw is in the seqiv IV generator and can lead to a use-after-free when backlogged crypto requests return -EBUSY. Triggering it is easier locally by flooding the kernel crypto API (e.g. via AF_ALG or many concurrent AEAD requests) because the attacker must create backlog conditions. Remote triggering is much harder and only realistic for specific configurations (for example an in-kernel IPsec/TLS path that uses seqiv for AEAD). In practice this means an unprivileged local user with access to the kernel crypto interface is the most likely threat vector, while a remote attacker would need the target to both use seqiv and be inducible into heavy crypto backlog. * CVE-2025-38571 In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts. * CVE-2025-39817 In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare. * CVE-2025-39841 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path. * CVE-2025-39849 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result(). * CVE-2023-53331 In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init. * CVE-2025-39718 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skb_put(). * CVE-2022-50367 In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy. * CVE-2023-53494 A use-after-free in the XTS skcipher template where -EBUSY from the crypto backend (with MAY_BACKLOG) was not treated like -EINPROGRESS, causing request data to be freed while still referenced. Impact is kernel memory corruption (high integrity/availability impact). * CVE-2025-39702 Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by timing attack in MAC comparison. * CVE-2025-40300 Linux Kernel could allow a local attacker to obtain secrets from a hypervisor in a cloud environment, caused by a flaw in the handling of the branch target buffer (BTB) entries. This vulnerability is known as VMSCAPE. Moderate Copyright 2025 Softline PJSC CVE-2022-50087 CVE-2022-50367 CVE-2023-53331 CVE-2023-53373 CVE-2023-53494 CVE-2025-38566 CVE-2025-38571 CVE-2025-39702 CVE-2025-39718 CVE-2025-39817 CVE-2025-39841 CVE-2025-39849 CVE-2025-40300 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The LibTIFF packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. * CVE-2023-52356 A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. * CVE-2023-52355 An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB. Moderate Copyright 2025 Softline PJSC CVE-2023-52355 CVE-2023-52356 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The zziplib is a lightweight library to easily extract data from zip files. * CVE-2018-17828 It was discovered that zziplib is vulnerable to a directory traversal flaw in most of its unzip binaries, including unzip-mem, unzzipcat-mem, unzzipcat-big, unzzipcat-mix, and unzzipcat-zip. An attacker may use this flaw to write files outside the intended target directory, overwriting existing files, or creating new ones. Moderate Copyright 2025 Softline PJSC CVE-2018-17828 cpe:/o:ncsd:msvsphere:9 MSVSphere OS 9 The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts. * CVE-2024-56433 A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users. Low Copyright 2025 Softline PJSC CVE-2024-56433 cpe:/o:ncsd:msvsphere:9 ^sphere-release ^9\. /etc/sphere-release openssh openssh-askpass openssh-clients openssh-keycat openssh-server pam_ssh_agent_auth squid firefox firefox-x11 cups cups-client cups-devel cups-filesystem cups-ipptool cups-libs cups-lpd cups-printerapp python3 python3-debug python3-devel python3-idle python3-libs python3-test python3-tkinter python-unversioned-command mod_jk mod_proxy_cluster qemu-guest-agent qemu-img qemu-kvm qemu-kvm-audio-pa qemu-kvm-block-blkio qemu-kvm-block-curl qemu-kvm-block-rbd qemu-kvm-common qemu-kvm-core qemu-kvm-device-display-virtio-gpu qemu-kvm-device-display-virtio-gpu-pci qemu-kvm-device-display-virtio-vga qemu-kvm-device-usb-host qemu-kvm-device-usb-redirect qemu-kvm-docs qemu-kvm-tools qemu-kvm-ui-egl-headless qemu-kvm-ui-opengl qemu-pr-helper runc python3.11 python3.11-debug python3.11-devel python3.11-idle python3.11-libs python3.11-test python3.11-tkinter flatpak flatpak-devel flatpak-libs flatpak-selinux flatpak-session-helper iwl1000-firmware iwl100-firmware iwl105-firmware iwl135-firmware iwl2000-firmware iwl2030-firmware iwl3160-firmware iwl5000-firmware iwl5150-firmware iwl6000g2a-firmware iwl6000g2b-firmware iwl6050-firmware iwl7260-firmware libertas-sd8787-firmware linux-firmware linux-firmware-whence netronome-firmware java-21-openjdk java-21-openjdk-demo java-21-openjdk-demo-fastdebug java-21-openjdk-demo-slowdebug java-21-openjdk-devel java-21-openjdk-devel-fastdebug java-21-openjdk-devel-slowdebug java-21-openjdk-fastdebug java-21-openjdk-headless java-21-openjdk-headless-fastdebug java-21-openjdk-headless-slowdebug java-21-openjdk-javadoc java-21-openjdk-javadoc-zip java-21-openjdk-jmods java-21-openjdk-jmods-fastdebug java-21-openjdk-jmods-slowdebug java-21-openjdk-slowdebug java-21-openjdk-src java-21-openjdk-src-fastdebug java-21-openjdk-src-slowdebug java-21-openjdk-static-libs java-21-openjdk-static-libs-fastdebug java-21-openjdk-static-libs-slowdebug java-17-openjdk java-17-openjdk-demo java-17-openjdk-demo-fastdebug java-17-openjdk-demo-slowdebug java-17-openjdk-devel java-17-openjdk-devel-fastdebug java-17-openjdk-devel-slowdebug java-17-openjdk-fastdebug java-17-openjdk-headless java-17-openjdk-headless-fastdebug java-17-openjdk-headless-slowdebug java-17-openjdk-javadoc java-17-openjdk-javadoc-zip java-17-openjdk-jmods java-17-openjdk-jmods-fastdebug java-17-openjdk-jmods-slowdebug java-17-openjdk-slowdebug java-17-openjdk-src java-17-openjdk-src-fastdebug java-17-openjdk-src-slowdebug java-17-openjdk-static-libs java-17-openjdk-static-libs-fastdebug java-17-openjdk-static-libs-slowdebug skopeo skopeo-tests containernetworking-plugins libvirt-daemon libvirt-daemon-common libvirt-daemon-config-network libvirt-daemon-config-nwfilter libvirt libvirt-client libvirt-client-qemu libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-kvm libvirt-daemon-lock libvirt-daemon-log libvirt-daemon-plugin-lockd libvirt-daemon-plugin-sanlock libvirt-daemon-proxy libvirt-devel libvirt-docs libvirt-libs libvirt-nss libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libreoffice-langpack-nr libreoffice-help-eu libreoffice-help-ja libreoffice-impress libreoffice-langpack-de libreoffice-langpack-fy libreoffice-langpack-kk autocorr-en autocorr-es autocorr-fa autocorr-fi autocorr-fr autocorr-ga autocorr-hr autocorr-hsb autocorr-hu autocorr-is autocorr-it autocorr-ja autocorr-ko autocorr-lb autocorr-lt autocorr-mn autocorr-nl autocorr-pl autocorr-pt autocorr-bg autocorr-ca autocorr-cs autocorr-da autocorr-de autocorr-dsb autocorr-el autocorr-vro autocorr-tr autocorr-zh libreoffice libreoffice-base libreoffice-core libreoffice-data libreoffice-draw libreoffice-emailmerge libreoffice-filters libreoffice-gdb-debug-support libreoffice-graphicfilter libreoffice-gtk3 libreoffice-help-ar libreoffice-help-bg libreoffice-help-ca libreoffice-help-cs libreoffice-help-da libreoffice-help-de libreoffice-help-dz libreoffice-help-el libreoffice-help-en libreoffice-help-eo libreoffice-help-es libreoffice-help-et libreoffice-help-fi libreoffice-help-fr libreoffice-help-gl libreoffice-help-gu libreoffice-help-he libreoffice-help-hi libreoffice-help-hr libreoffice-help-hu libreoffice-help-id libreoffice-help-it libreoffice-help-ko libreoffice-help-lt libreoffice-help-lv libreoffice-help-nb libreoffice-help-nl libreoffice-help-nn libreoffice-help-pl libreoffice-help-pt-BR libreoffice-help-pt-PT libreoffice-help-ro autocorr-ru autocorr-sk autocorr-sl autocorr-sr autocorr-sv autocorr-ro autocorr-vi libreoffice-help-zh-Hans libreoffice-help-zh-Hant libreoffice-help-tr libreoffice-langpack-af libreoffice-langpack-ar libreoffice-langpack-as libreoffice-langpack-bg libreoffice-langpack-bn libreoffice-langpack-br libreoffice-langpack-ca libreoffice-langpack-cs libreoffice-langpack-cy libreoffice-langpack-da libreoffice-langpack-dz libreoffice-langpack-el libreoffice-langpack-en libreoffice-langpack-eo libreoffice-langpack-es libreoffice-langpack-et libreoffice-langpack-eu libreoffice-langpack-fa libreoffice-langpack-fi libreoffice-langpack-fr libreoffice-langpack-ga libreoffice-langpack-gl libreoffice-langpack-gu libreoffice-langpack-he libreoffice-langpack-hi libreoffice-langpack-hr libreoffice-langpack-hu libreoffice-langpack-id libreoffice-langpack-it libreoffice-langpack-ja libreoffice-langpack-kn libreoffice-langpack-ko libreoffice-langpack-lt libreoffice-langpack-lv libreoffice-langpack-mai libreoffice-langpack-ml libreoffice-langpack-mr libreoffice-langpack-nb libreoffice-langpack-nl libreoffice-langpack-nn libreoffice-langpack-nso libreoffice-langpack-or libreoffice-langpack-pa libreoffice-langpack-pl libreoffice-langpack-pt-BR libreoffice-help-si libreoffice-help-sk libreoffice-help-sl libreoffice-help-sv libreoffice-help-ta libreoffice-help-ru libreoffice-help-uk libreoffice-langpack-st libreoffice-langpack-sv libreoffice-langpack-ta libreoffice-langpack-te libreoffice-langpack-th libreoffice-langpack-tn libreoffice-langpack-tr libreoffice-langpack-ts libreoffice-langpack-uk libreoffice-langpack-ve libreoffice-langpack-xh libreoffice-langpack-zh-Hans libreoffice-langpack-zh-Hant libreoffice-langpack-zu libreoffice-math libreoffice-ogltrans libreoffice-opensymbol-fonts libreoffice-pdfimport libreoffice-pyuno libreoffice-sdk libreoffice-sdk-doc libreoffice-ure libreoffice-ure-common libreoffice-wiki-publisher libreoffice-writer libreoffice-x11 libreoffice-xsltfilter libreofficekit libreoffice-langpack-pt-PT libreoffice-langpack-ro libreoffice-langpack-ru libreoffice-langpack-si libreoffice-langpack-sk libreoffice-langpack-sl libreoffice-langpack-sr libreoffice-langpack-ss libreoffice-calc libreoffice-help-bn autocorr-af fence-agents-aws fence-agents-azure-arm fence-agents-bladecenter fence-agents-brocade fence-agents-cisco-mds fence-agents-cisco-ucs fence-agents-common fence-agents-compute fence-agents-drac5 fence-agents-eaton-snmp fence-agents-emerson fence-agents-eps fence-agents-gce fence-agents-heuristics-ping fence-agents-hpblade fence-agents-ibmblade fence-agents-ibm-powervs fence-agents-ibm-vpc fence-agents-ifmib fence-agents-ilo2 fence-agents-ilo-moonshot fence-agents-ilo-mp fence-agents-ilo-ssh fence-agents-intelmodular fence-agents-ipdu fence-agents-ipmilan fence-agents-kdump fence-agents-kubevirt fence-agents-lpar fence-agents-mpath fence-agents-openstack fence-agents-redfish fence-agents-rhevm fence-agents-rsb fence-agents-sbd fence-agents-scsi fence-agents-virsh fence-agents-vmware-rest fence-agents-vmware-soap fence-agents-wti fence-virt fence-virtd fence-virtd-cpg fence-agents-aliyun fence-agents-all fence-agents-amt-ws fence-agents-apc fence-agents-apc-snmp fence-virtd-multicast fence-virtd-libvirt fence-virtd-serial fence-virtd-tcp ha-cloud-support fence-agents-rsa aspnetcore-runtime-6.0 aspnetcore-targeting-pack-6.0 dotnet-apphost-pack-6.0 dotnet-hostfxr-6.0 dotnet-runtime-6.0 dotnet-sdk-6.0 dotnet-sdk-6.0-source-built-artifacts dotnet-targeting-pack-6.0 dotnet-templates-6.0 gvisor-tap-vsock podman podman-docker podman-plugins podman-remote podman-tests 389-ds-base 389-ds-base-devel 389-ds-base-libs python3-lib389 cockpit cockpit-bridge cockpit-doc cockpit-packagekit cockpit-pcp cockpit-storaged cockpit-system cockpit-ws buildah buildah-tests less thunderbird edk2-ovmf edk2-tools edk2-tools-doc httpd httpd-core httpd-devel httpd-filesystem httpd-manual httpd-tools mod_ldap mod_lua mod_proxy_html mod_session mod_ssl tomcat tomcat-admin-webapps tomcat-docs-webapp tomcat-el-3.0-api tomcat-jsp-2.3-api tomcat-lib tomcat-servlet-4.0-api tomcat-webapps libndp qt5-qtbase qt5-qtbase-common qt5-qtbase-devel qt5-qtbase-examples qt5-qtbase-gui qt5-qtbase-mysql qt5-qtbase-odbc qt5-qtbase-postgresql qt5-qtbase-private-devel qt5-qtbase-static bind bind-chroot bind-devel bind-dnssec-doc bind-dnssec-utils bind-doc bind-dyndb-ldap bind-libs bind-license bind-utils python3-bind python3-jwcrypto mod_http2 ipa-client ipa-client-common ipa-client-epn ipa-client-samba ipa-common ipa-selinux ipa-server ipa-server-common ipa-server-dns ipa-server-trust-ad python3-ipaclient python3-ipalib python3-ipaserver python3-ipatests openssl openssl-devel openssl-libs openssl-perl avahi avahi-compat-howl avahi-compat-howl-devel avahi-compat-libdns_sd avahi-compat-libdns_sd-devel avahi-devel avahi-glib avahi-glib-devel avahi-libs avahi-tools libtiff libtiff-devel libtiff-tools freerdp freerdp-devel freerdp-libs libwinpr libwinpr-devel pam pam-devel pam-docs mingw32-glib2 mingw32-glib2-static mingw64-glib2 mingw64-glib2-static grub2-common grub2-efi-x64 grub2-efi-x64-cdboot grub2-efi-x64-modules grub2-pc grub2-pc-modules grub2-tools grub2-tools-efi grub2-tools-extra grub2-tools-minimal ansible-core ansible-test rhel-net-naming-sysattrs systemd systemd-boot-unsigned systemd-container systemd-devel systemd-journal-remote systemd-libs systemd-oomd systemd-pam systemd-resolved systemd-rpm-macros systemd-udev xorg-x11-server-Xwayland pcp-doc pcp-export-pcp2elasticsearch pcp-export-pcp2graphite pcp-export-pcp2influxdb pcp-export-pcp2json pcp-export-pcp2spark pcp-export-pcp2xml pcp-export-pcp2zabbix pcp-export-zabbix-agent pcp-geolocate pcp-gui pcp-import-collectl2pcp pcp-import-ganglia2pcp pcp-import-iostat2pcp pcp-import-mrtg2pcp pcp-import-sar2pcp pcp-libs pcp-libs-devel pcp-pmda-activemq pcp-pmda-apache pcp pcp-conf pcp-devel pcp-pmda-bonding pcp-pmda-bpf pcp-pmda-bpftrace pcp-pmda-cifs pcp-pmda-cisco pcp-pmda-dbping pcp-pmda-denki pcp-pmda-docker pcp-pmda-ds389 pcp-pmda-ds389log pcp-pmda-elasticsearch pcp-pmda-farm pcp-pmda-gfs2 pcp-pmda-gluster pcp-pmda-gpfs pcp-pmda-gpsd pcp-pmda-hacluster pcp-pmda-infiniband pcp-pmda-json pcp-pmda-libvirt pcp-pmda-lio pcp-pmda-lmsensors pcp-pmda-logger pcp-pmda-lustre pcp-pmda-lustrecomm pcp-pmda-mailq pcp-pmda-memcache pcp-pmda-bash pcp-pmda-bcc pcp-pmda-bind2 pcp-pmda-mysql pcp-pmda-named pcp-pmda-netcheck pcp-pmda-netfilter pcp-pmda-news pcp-pmda-nginx pcp-pmda-nvidia-gpu pcp-pmda-openmetrics pcp-pmda-openvswitch pcp-pmda-oracle pcp-pmda-pdns pcp-pmda-perfevent pcp-pmda-podman pcp-pmda-postfix pcp-pmda-postgresql pcp-pmda-redis pcp-pmda-resctrl pcp-pmda-roomtemp pcp-pmda-rsyslog pcp-pmda-samba pcp-pmda-sendmail pcp-pmda-shping pcp-pmda-slurm pcp-pmda-smart pcp-pmda-snmp pcp-pmda-mic pcp-pmda-mounts pcp-pmda-mssql pcp-pmda-unbound pcp-pmda-weblog pcp-pmda-zimbra pcp-pmda-zswap pcp-selinux pcp-system-tools pcp-testsuite pcp-zeroconf perl-PCP-LogImport perl-PCP-LogSummary perl-PCP-MMV perl-PCP-PMDA python3-pcp pcp-pmda-haproxy pcp-pmda-dm pcp-pmda-nfsclient pcp-pmda-summary pcp-pmda-rabbitmq pcp-pmda-trace pcp-pmda-sockets pcp-pmda-statsd pcp-pmda-systemd pcp-pmda-mongodb rpm-ostree rpm-ostree-libs xorg-x11-server-common xorg-x11-server-devel xorg-x11-server-source xorg-x11-server-Xdmx xorg-x11-server-Xephyr xorg-x11-server-Xnest xorg-x11-server-Xorg xorg-x11-server-Xvfb libnbd libnbd-bash-completion libnbd-devel nbdfuse ocaml-libnbd ocaml-libnbd-devel python3-libnbd toolbox toolbox-tests libreswan java-1.8.0-openjdk java-1.8.0-openjdk-demo java-1.8.0-openjdk-demo-fastdebug java-1.8.0-openjdk-demo-slowdebug java-1.8.0-openjdk-devel java-1.8.0-openjdk-devel-fastdebug java-1.8.0-openjdk-devel-slowdebug java-1.8.0-openjdk-fastdebug java-1.8.0-openjdk-headless java-1.8.0-openjdk-headless-fastdebug java-1.8.0-openjdk-headless-slowdebug java-1.8.0-openjdk-javadoc java-1.8.0-openjdk-javadoc-zip java-1.8.0-openjdk-slowdebug java-1.8.0-openjdk-src java-1.8.0-openjdk-src-fastdebug java-1.8.0-openjdk-src-slowdebug python3.11-urllib3 idm-pki-acme idm-pki-base idm-pki-ca idm-pki-est idm-pki-java idm-pki-kra idm-pki-server idm-pki-tools python3-idm-pki glibc-gconv-extra glibc-headers glibc-langpack-aa glibc-langpack-af glibc-langpack-agr glibc-langpack-ak glibc-langpack-am glibc-langpack-an glibc-langpack-ar glibc-langpack-as glibc-langpack-ast glibc-langpack-ayc glibc-langpack-az glibc-langpack-be glibc-langpack-bem glibc-langpack-ber glibc-langpack-bg glibc-langpack-bhb glibc-langpack-bi glibc-langpack-bn glibc glibc-all-langpacks glibc-benchtests glibc-common glibc-devel glibc-doc glibc-langpack-cmn glibc-langpack-crh glibc-langpack-csb glibc-langpack-cv glibc-langpack-cy glibc-langpack-da glibc-langpack-de glibc-langpack-doi glibc-langpack-dsb glibc-langpack-dv glibc-langpack-dz glibc-langpack-el glibc-langpack-eo glibc-langpack-es glibc-langpack-et glibc-langpack-eu glibc-langpack-fa glibc-langpack-ff glibc-langpack-fi glibc-langpack-fil glibc-langpack-br glibc-langpack-brx glibc-langpack-bs glibc-langpack-byn glibc-langpack-ca glibc-langpack-ce glibc-langpack-chr glibc-langpack-ckb glibc-langpack-gu glibc-langpack-gv glibc-langpack-hak glibc-langpack-he glibc-langpack-hi glibc-langpack-hif glibc-langpack-hne glibc-langpack-hr glibc-langpack-hsb glibc-langpack-ht glibc-langpack-hu glibc-langpack-hy glibc-langpack-id glibc-langpack-ig glibc-langpack-ik glibc-langpack-is glibc-langpack-it glibc-langpack-iu glibc-langpack-ja glibc-langpack-ka glibc-langpack-kab glibc-langpack-fo glibc-langpack-fr glibc-langpack-fur glibc-langpack-fy glibc-langpack-ga glibc-langpack-gd glibc-langpack-gez glibc-langpack-gl glibc-langpack-kw glibc-langpack-ky glibc-langpack-lg glibc-langpack-li glibc-langpack-lij glibc-langpack-ln glibc-langpack-lo glibc-langpack-lt glibc-langpack-lv glibc-langpack-lzh glibc-langpack-mag glibc-langpack-mai glibc-langpack-mg glibc-langpack-mhr glibc-langpack-mi glibc-langpack-miq glibc-langpack-mjw glibc-langpack-mk glibc-langpack-ml glibc-langpack-mn glibc-langpack-mni glibc-langpack-kk glibc-langpack-kl glibc-langpack-km glibc-langpack-kn glibc-langpack-ko glibc-langpack-kok glibc-langpack-ks glibc-langpack-ku glibc-langpack-ne glibc-langpack-nhn glibc-langpack-nl glibc-langpack-nn glibc-langpack-nr glibc-langpack-nso glibc-langpack-oc glibc-langpack-om glibc-langpack-or glibc-langpack-os glibc-langpack-pa glibc-langpack-pap glibc-langpack-ps glibc-langpack-pt glibc-langpack-quz glibc-langpack-raj glibc-langpack-ro glibc-langpack-ru glibc-langpack-rw glibc-langpack-sa glibc-langpack-sah glibc-langpack-mnw glibc-langpack-mr glibc-langpack-ms glibc-langpack-mt glibc-langpack-my glibc-langpack-nan glibc-langpack-nb glibc-langpack-nds glibc-langpack-sid glibc-langpack-sk glibc-langpack-sm glibc-langpack-so glibc-langpack-sq glibc-langpack-sr glibc-langpack-ss glibc-langpack-st glibc-langpack-sv glibc-langpack-sw glibc-langpack-szl glibc-langpack-ta glibc-langpack-te glibc-langpack-tg glibc-langpack-th glibc-langpack-the glibc-langpack-ti glibc-langpack-tig glibc-langpack-tk glibc-langpack-tl glibc-langpack-tn glibc-langpack-sat glibc-langpack-sc glibc-langpack-sd glibc-langpack-se glibc-langpack-sgs glibc-langpack-shn glibc-langpack-shs glibc-langpack-si glibc-langpack-ve glibc-langpack-vi glibc-langpack-wa glibc-langpack-wae glibc-langpack-wal glibc-langpack-wo glibc-langpack-xh glibc-langpack-yi glibc-langpack-yo glibc-langpack-yue glibc-langpack-zh glibc-langpack-zu glibc-locale-source glibc-minimal-langpack glibc-nss-devel glibc-static glibc-utils libnsl glibc-langpack-tpi glibc-langpack-tr glibc-langpack-ts glibc-langpack-tt glibc-langpack-ug glibc-langpack-uk glibc-langpack-unm glibc-langpack-ur glibc-langpack-bo glibc-langpack-cs glibc-langpack-anp glibc-langpack-en nss_db glibc-langpack-ha glibc-langpack-ia glibc-langpack-lb glibc-langpack-mfe glibc-langpack-niu glibc-langpack-sl glibc-langpack-tcy glibc-langpack-uz glibc-langpack-yuw nscd nss_hesiod glibc-langpack-bho glibc-langpack-to glibc-langpack-pl libnghttp2 libnghttp2-devel nghttp2 python3-jinja2 osbuild-composer osbuild-composer-core osbuild-composer-worker tigervnc tigervnc-icons tigervnc-license tigervnc-selinux tigervnc-server tigervnc-server-minimal tigervnc-server-module pcs pcs-snmp ghostscript ghostscript-doc ghostscript-tools-dvipdf ghostscript-tools-fonts ghostscript-tools-printing ghostscript-x11 libgs libgs-devel aspnetcore-runtime-8.0 aspnetcore-runtime-dbg-8.0 aspnetcore-targeting-pack-8.0 dotnet-apphost-pack-8.0 dotnet-host dotnet-hostfxr-8.0 dotnet-runtime-8.0 dotnet-runtime-dbg-8.0 dotnet-sdk-8.0 dotnet-sdk-8.0-source-built-artifacts dotnet-sdk-dbg-8.0 dotnet-targeting-pack-8.0 dotnet-templates-8.0 netstandard-targeting-pack-2.1 grafana grafana-selinux golang golang-bin golang-docs golang-misc golang-src golang-tests go-toolset freeradius freeradius-devel freeradius-doc freeradius-krb5 freeradius-ldap freeradius-mysql freeradius-perl freeradius-postgresql freeradius-rest freeradius-sqlite freeradius-unixODBC freeradius-utils python3-freeradius ruby ruby-default-gems ruby-devel ruby-doc rubygem-bigdecimal rubygem-bundler rubygem-io-console rubygem-irb rubygem-json rubygem-minitest rubygem-power_assert rubygem-psych rubygem-rake rubygem-rbs rubygem-rdoc rubygem-rexml rubygem-rss rubygems rubygems-devel rubygem-test-unit rubygem-typeprof ruby-libs grafana-pcp git-lfs nodejs nodejs-docs nodejs-full-i18n npm libsss_idmap libsss_nss_idmap libsss_nss_idmap-devel libsss_simpleifp libsss_sudo python3-libipa_hbac python3-libsss_nss_idmap python3-sss python3-sssdconfig python3-sss-murmur sssd sssd-ad sssd-client sssd-common libipa_hbac libsss_autofs libsss_certmap sssd-nfs-idmap sssd-passkey sssd-polkit-rules sssd-proxy sssd-tools sssd-winbind-idmap sssd-common-pac sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap java-11-openjdk java-11-openjdk-demo java-11-openjdk-demo-fastdebug java-11-openjdk-demo-slowdebug java-11-openjdk-devel java-11-openjdk-devel-fastdebug java-11-openjdk-devel-slowdebug java-11-openjdk-fastdebug java-11-openjdk-headless java-11-openjdk-headless-fastdebug java-11-openjdk-headless-slowdebug java-11-openjdk-javadoc java-11-openjdk-javadoc-zip java-11-openjdk-jmods java-11-openjdk-jmods-fastdebug java-11-openjdk-jmods-slowdebug java-11-openjdk-slowdebug java-11-openjdk-src java-11-openjdk-src-fastdebug java-11-openjdk-src-slowdebug java-11-openjdk-static-libs java-11-openjdk-static-libs-fastdebug java-11-openjdk-static-libs-slowdebug webkit2gtk3 webkit2gtk3-devel webkit2gtk3-jsc webkit2gtk3-jsc-devel curl curl-minimal libcurl libcurl-devel libcurl-minimal python3-setuptools python3-setuptools-wheel python3.12-setuptools python3.12-setuptools-wheel python3.11-setuptools python3.11-setuptools-wheel chromedriver chromium chromium-common chromium-ffmpeg chromium-headless chromium-qt5-ui chromium-gost chromium-gost-common chromium-gost-ffmpeg chromium-gost-qt5-ui /etc/dnf/modules.d/nodejs.module \[nodejs\][\w\W]* 1 nodejs-devel nodejs-nodemon nodejs-packaging nodejs-packaging-bundler postgresql postgresql-contrib postgresql-docs postgresql-plperl postgresql-plpython3 postgresql-pltcl postgresql-private-devel postgresql-private-libs postgresql-server postgresql-server-devel postgresql-static postgresql-test postgresql-upgrade postgresql-upgrade-devel python3.12 python3.12-debug python3.12-devel python3.12-idle python3.12-libs python3.12-test python3.12-tkinter bubblewrap orc orc-compiler orc-devel krb5-devel krb5-libs krb5-pkinit krb5-server krb5-server-ldap krb5-workstation libkadm5 python3-urllib3 dovecot dovecot-devel dovecot-mysql dovecot-pgsql dovecot-pigeonhole /etc/dnf/modules.d/postgresql.module \[postgresql\][\w\W]* 1 pg_repack pgaudit postgres-decoderbufs postgresql-test-rpm-macros emacs emacs-common emacs-filesystem emacs-lucid emacs-nox /etc/dnf/modules.d/ruby.module \[ruby\][\w\W]* 1 ruby-bundled-gems rubygem-mysql2 rubygem-mysql2-doc rubygem-pg rubygem-pg-doc rubygem-racc expat expat-devel cups-filters cups-filters-devel cups-filters-libs net-snmp net-snmp-agent-libs net-snmp-devel net-snmp-libs net-snmp-perl net-snmp-utils python3-net-snmp OpenIPMI OpenIPMI-devel OpenIPMI-lanserv OpenIPMI-libs edk2-aarch64 openexr openexr-devel openexr-libs NetworkManager-libreswan NetworkManager-libreswan-gnome python3.12-PyMySQL python3.12-PyMySQL+rsa postfix postfix-cdb postfix-ldap postfix-lmdb postfix-mysql postfix-pcre postfix-perl-scripts postfix-pgsql postfix-sqlite python3.11-PyMySQL python3.11-PyMySQL+rsa NetworkManager NetworkManager-adsl NetworkManager-bluetooth NetworkManager-cloud-setup NetworkManager-config-server NetworkManager-dispatcher-routing-rules NetworkManager-initscripts-updown NetworkManager-libnm NetworkManager-libnm-devel NetworkManager-ovs NetworkManager-ppp NetworkManager-team NetworkManager-tui NetworkManager-wifi NetworkManager-wwan bluez bluez-cups bluez-libs bluez-libs-devel bluez-obexd libgcrypt libgcrypt-devel fontforge nano microcode_ctl tpm2-tools bpftrace lldpd lldpd-devel /boot/grub2/grubenv saved_entry=.* 1 bpftool kernel kernel-64k kernel-64k-core kernel-64k-debug kernel-64k-debug-core kernel-64k-debug-devel kernel-64k-debug-devel-matched kernel-64k-debug-modules kernel-64k-debug-modules-core kernel-64k-debug-modules-extra kernel-64k-devel kernel-64k-devel-matched kernel-64k-modules kernel-64k-modules-core kernel-64k-modules-extra kernel-abi-stablelists kernel-core kernel-cross-headers kernel-debug kernel-debug-core kernel-debug-devel kernel-debug-devel-matched kernel-debug-modules kernel-debug-modules-core kernel-debug-modules-extra kernel-debug-uki-virt kernel-devel kernel-devel-matched kernel-doc kernel-headers kernel-modules kernel-modules-core kernel-modules-extra kernel-rt kernel-rt-core kernel-rt-debug kernel-rt-debug-core kernel-rt-debug-devel kernel-rt-debug-kvm kernel-rt-debug-modules kernel-rt-debug-modules-core kernel-rt-debug-modules-extra kernel-rt-devel kernel-rt-kvm kernel-rt-modules kernel-rt-modules-core kernel-rt-modules-extra kernel-tools kernel-tools-libs kernel-tools-libs-devel kernel-uki-virt kernel-uki-virt-addons libperf perf python3-perf rtla rv gnome-shell python3-dns python3.12-urllib3 vim-X11 vim-common vim-enhanced vim-filesystem vim-minimal cyrus-imapd cyrus-imapd-libs cyrus-imapd-utils perl-Cyrus oci-seccomp-bpf-hook mod_auth_openidc poppler poppler-cpp poppler-cpp-devel poppler-devel poppler-glib poppler-glib-devel poppler-glib-doc poppler-qt5 poppler-qt5-devel poppler-utils iperf3 jose libjose libjose-devel bcc bcc-devel bcc-doc bcc-tools libbpf-tools python3-bcc gtk-update-icon-cache gtk3 gtk3-devel gtk3-devel-docs gtk3-immodule-xim libvirt-ssh-proxy xorg-x11-server-Xwayland-devel pcp-export-pcp2openmetrics pcp-pmda-uwsgi libvpx libvpx-devel libsoup libsoup-devel aspnetcore-runtime-9.0 aspnetcore-runtime-dbg-9.0 aspnetcore-targeting-pack-9.0 dotnet-apphost-pack-9.0 dotnet-hostfxr-9.0 dotnet-runtime-9.0 dotnet-runtime-dbg-9.0 dotnet-sdk-9.0 dotnet-sdk-9.0-source-built-artifacts dotnet-sdk-aot-9.0 dotnet-sdk-dbg-9.0 dotnet-targeting-pack-9.0 dotnet-templates-9.0 wget libuv libuv-devel glib2 glib2-devel glib2-doc glib2-static glib2-tests ca-certificates c-ares c-ares-devel booth booth-arbitrator booth-core booth-site booth-test python3-idna aspnetcore-runtime-7.0 aspnetcore-targeting-pack-7.0 dotnet-apphost-pack-7.0 dotnet-hostfxr-7.0 dotnet-runtime-7.0 dotnet-sdk-7.0 dotnet-sdk-7.0-source-built-artifacts dotnet-targeting-pack-7.0 dotnet-templates-7.0 gnutls gnutls-c++ gnutls-dane gnutls-devel gnutls-utils traceroute exfatprogs zziplib zziplib-devel zziplib-utils freeglut freeglut-devel gstreamer1-plugins-good gstreamer1-plugins-good-gtk gstreamer1-plugins-bad-free gstreamer1-plugins-bad-free-devel mutt tcpdump harfbuzz harfbuzz-devel harfbuzz-icu squashfs-tools libXpm libXpm-devel libX11 libX11-common libX11-devel libX11-xcb perl perl-Attribute-Handlers perl-AutoLoader perl-AutoSplit perl-B perl-Benchmark perl-Class-Struct perl-Config-Extensions perl-DBM_Filter perl-Devel-Peek perl-Devel-SelfStubber perl-DirHandle perl-Dumpvalue perl-DynaLoader perl-English perl-Errno perl-ExtUtils-Constant perl-ExtUtils-Embed perl-ExtUtils-Miniperl perl-Fcntl perl-File-Basename perl-File-Compare perl-File-Copy perl-File-DosGlob perl-File-Find perl-File-stat perl-FileCache perl-FileHandle perl-FindBin perl-GDBM_File perl-Getopt-Std perl-Hash-Util perl-Hash-Util-FieldHash perl-I18N-Collate perl-I18N-LangTags perl-I18N-Langinfo perl-IO perl-IPC-Open3 perl-Locale-Maketext-Simple perl-Math-Complex perl-Memoize perl-Module-Loaded perl-NDBM_File perl-NEXT perl-Net perl-ODBM_File perl-Opcode perl-POSIX perl-Pod-Functions perl-Pod-Html perl-Safe perl-Search-Dict perl-SelectSaver perl-SelfLoader perl-Symbol perl-Sys-Hostname perl-Term-Complete perl-Term-ReadLine perl-Test perl-Text-Abbrev perl-Thread perl-Thread-Semaphore perl-Tie perl-Tie-File perl-Tie-Memoize perl-Time perl-Time-Piece perl-Unicode-UCD perl-User-pwent perl-autouse perl-base perl-blib perl-debugger perl-deprecate perl-devel perl-diagnostics perl-doc perl-encoding-warnings perl-fields perl-filetest perl-if perl-interpreter perl-less perl-lib perl-libnetcfg perl-libs perl-locale perl-macros perl-meta-notation perl-mro perl-open perl-overload perl-overloading perl-ph perl-sigtrap perl-sort perl-subs perl-utils perl-vars perl-vmsish libsndfile libsndfile-devel libsndfile-utils gstreamer1-plugins-base gstreamer1-plugins-base-devel gstreamer1-plugins-base-tools mingw32-pixman mingw64-pixman LibRaw LibRaw-devel frr frr-selinux wpa_supplicant libjpeg-turbo libjpeg-turbo-devel libjpeg-turbo-utils turbojpeg turbojpeg-devel mingw-binutils-generic mingw32-binutils mingw64-binutils python3.11-cryptography motif motif-devel libssh libssh-config libssh-devel nodejs-libs gdk-pixbuf2 gdk-pixbuf2-devel gdk-pixbuf2-modules file file-devel file-libs python3-file-magic pmix pmix-devel pmix-pmi pmix-pmi-devel pmix-tools libxml2 libxml2-devel python3-libxml2 raptor2 raptor2-devel ipa-selinux-luna ipa-selinux-nfast rsync rsync-daemon dpdk dpdk-devel dpdk-doc dpdk-tools yajl yajl-devel perl-CPAN python3-unbound unbound unbound-devel unbound-libs git git-all git-core git-core-doc git-credential-libsecret git-daemon git-email git-gui git-instaweb git-subtree git-svn gitk gitweb perl-Git perl-Git-SVN cpp gcc gcc-c++ gcc-gfortran gcc-offload-nvptx gcc-plugin-annobin gcc-plugin-devel libasan libatomic libgcc libgccjit libgccjit-devel libgfortran libgomp libgomp-offload-nvptx libitm libitm-devel liblsan libquadmath libquadmath-devel libstdc++ libstdc++-devel libstdc++-docs libstdc++-static libtsan libubsan libpq libpq-devel compat-openssl11 mod_dav_svn python3-subversion subversion subversion-devel subversion-gnome subversion-libs subversion-perl subversion-tools pki-servlet-4.0-api pki-servlet-engine wavpack wavpack-devel protobuf protobuf-compiler protobuf-devel protobuf-lite protobuf-lite-devel python3-protobuf speex speex-devel redis redis-devel redis-doc php php-bcmath php-cli php-common php-dba php-dbg php-devel php-embedded php-enchant php-ffi php-fpm php-gd php-gmp php-intl php-ldap php-mbstring php-mysqlnd php-odbc php-opcache php-pdo php-pgsql php-process php-snmp php-soap php-xml haproxy postgresql-jdbc mysql mysql-common mysql-devel mysql-errmsg mysql-libs mysql-server mysql-test apr apr-devel python3-wheel python3-wheel-wheel ncurses ncurses-base ncurses-c++-libs ncurses-devel ncurses-libs ncurses-term gmp gmp-c++ gmp-devel protobuf-c protobuf-c-compiler protobuf-c-devel libmicrohttpd libmicrohttpd-devel libmicrohttpd-doc python3-cryptography python3-tornado librabbitmq librabbitmq-devel librabbitmq-tools tang libfastjson libfastjson-devel autotrace pki-jackson-databind bsdtar libarchive libarchive-devel liblouis python3-louis python3-mako pesign libtasn1 libtasn1-devel libtasn1-tools freetype freetype-devel bcel xz xz-devel xz-libs xz-lzma-compat tracker-miners sudo sudo-python-plugin opensc pixman pixman-devel keylime keylime-base keylime-registrar keylime-selinux keylime-tenant keylime-verifier python3-keylime sqlite sqlite-devel sqlite-libs gimp gimp-libs libcap libcap-devel texlive texlive-adjustbox texlive-ae texlive-algorithms texlive-alphalph texlive-amscls texlive-amsfonts texlive-amsmath texlive-anyfontsize texlive-anysize texlive-appendix texlive-arabxetex texlive-arphic texlive-atbegshi texlive-attachfile texlive-attachfile2 texlive-atveryend texlive-auxhook texlive-avantgar texlive-awesomebox texlive-babel texlive-babel-english texlive-babelbib texlive-base texlive-beamer texlive-bera texlive-beton texlive-bibtex texlive-bibtopic texlive-bidi texlive-bigfoot texlive-bigintcalc texlive-bitset texlive-bookman texlive-bookmark texlive-booktabs texlive-breakurl texlive-breqn texlive-capt-of texlive-caption texlive-carlisle texlive-catchfile texlive-changebar texlive-changepage texlive-charter texlive-chngcntr texlive-cite texlive-cjk texlive-classpack texlive-cm texlive-cm-lgc texlive-cm-super texlive-cmap texlive-cmextra texlive-cns texlive-collectbox texlive-collection-basic texlive-collection-fontsrecommended texlive-collection-htmlxml texlive-collection-latex texlive-collection-latexrecommended texlive-collection-xetex texlive-colorprofiles texlive-colortbl texlive-context texlive-courier texlive-crop texlive-csquotes texlive-ctable texlive-ctablestack texlive-currfile texlive-datetime texlive-dehyph texlive-dvipdfmx texlive-dvipng texlive-dvips texlive-dvisvgm texlive-ec texlive-eepic texlive-enctex texlive-enumitem texlive-environ texlive-epsf texlive-epstopdf texlive-epstopdf-pkg texlive-eqparbox texlive-eso-pic texlive-etex texlive-etex-pkg texlive-etexcmds texlive-etoc texlive-etoolbox texlive-euenc texlive-euler texlive-euro texlive-eurosym texlive-extsizes texlive-fancybox texlive-fancyhdr texlive-fancyref texlive-fancyvrb texlive-filecontents texlive-filehook texlive-finstrut texlive-fix2col texlive-fixlatvian texlive-float texlive-fmtcount texlive-fncychap texlive-fontawesome texlive-fontbook texlive-fonts-tlwg texlive-fontspec texlive-fontware texlive-fontwrap texlive-footmisc texlive-footnotehyper texlive-fp texlive-fpl texlive-framed texlive-garuda-c90 texlive-geometry texlive-gettitlestring texlive-glyphlist texlive-gnu-freefont texlive-graphics texlive-graphics-cfg texlive-graphics-def texlive-grfext texlive-grffile texlive-gsftopk texlive-hanging texlive-helvetic texlive-hobsub texlive-hologo texlive-hycolor texlive-hyperref texlive-hyph-utf8 texlive-hyphen-base texlive-hyphenat texlive-hyphenex texlive-ifmtarg texlive-ifoddpage texlive-ifplatform texlive-iftex texlive-import texlive-index texlive-infwarerr texlive-intcalc texlive-jadetex texlive-jknapltx texlive-kastrup texlive-kerkis texlive-knuth-lib texlive-knuth-local texlive-koma-script texlive-kpathsea texlive-kvdefinekeys texlive-kvoptions texlive-kvsetkeys texlive-l3backend texlive-l3experimental texlive-l3kernel texlive-l3packages texlive-lastpage texlive-latex texlive-latex-fonts texlive-latex2man texlive-latexbug texlive-latexconfig texlive-letltxmacro texlive-lettrine texlive-lib texlive-lib-devel texlive-linegoal texlive-lineno texlive-listings texlive-listofitems texlive-lm texlive-lm-math texlive-ltabptch texlive-ltxcmds texlive-ltxmisc texlive-lua-alt-getopt texlive-luahbtex texlive-lualatex-math texlive-lualibs texlive-luaotfload texlive-luatex texlive-luatex85 texlive-luatexbase texlive-lwarp texlive-makecmds texlive-makeindex texlive-manfnt-font texlive-marginnote texlive-marvosym texlive-mathpazo texlive-mathspec texlive-mathtools texlive-mdwtools texlive-memoir texlive-metafont texlive-metalogo texlive-metapost texlive-mflogo texlive-mflogo-font texlive-mfnfss texlive-mfware texlive-microtype texlive-minitoc texlive-mnsymbol texlive-modes texlive-mparhack texlive-mptopdf texlive-ms texlive-multido texlive-multirow texlive-natbib texlive-ncctools texlive-ncntrsbk texlive-needspace texlive-newfloat texlive-newunicodechar texlive-norasi-c90 texlive-notoccite texlive-ntgclass texlive-oberdiek texlive-obsolete texlive-overpic texlive-palatino texlive-paralist texlive-parallel texlive-parskip texlive-passivetex texlive-pdfcolmk texlive-pdfescape texlive-pdflscape texlive-pdfpages texlive-pdftex texlive-pdftexcmds texlive-pgf texlive-philokalia texlive-placeins texlive-plain texlive-polyglossia texlive-powerdot texlive-preprint texlive-psfrag texlive-pslatex texlive-psnfss texlive-pspicture texlive-pst-3d texlive-pst-arrow texlive-pst-blur texlive-pst-coil texlive-pst-eps texlive-pst-fill texlive-pst-grad texlive-pst-math texlive-pst-node texlive-pst-plot texlive-pst-slpe texlive-pst-text texlive-pst-tools texlive-pst-tree texlive-pstricks texlive-pstricks-add texlive-ptext texlive-pxfonts texlive-qstest texlive-ragged2e texlive-rcs texlive-realscripts texlive-refcount texlive-rerunfilecheck texlive-rsfs texlive-sansmath texlive-sansmathaccent texlive-sauerj texlive-scheme-basic texlive-section texlive-sectsty texlive-seminar texlive-sepnum texlive-setspace texlive-showexpl texlive-soul texlive-stackengine texlive-stmaryrd texlive-stringenc texlive-subfig texlive-subfigure texlive-svn-prov texlive-symbol texlive-t2 texlive-tabu texlive-tabulary texlive-tex texlive-tex-gyre texlive-tex-gyre-math texlive-tex-ini-files texlive-tex4ht texlive-texlive-common-doc texlive-texlive-docindex texlive-texlive-en texlive-texlive-msg-translations texlive-texlive-scripts texlive-texlive-scripts-extra texlive-texlive.infra texlive-textcase texlive-textpos texlive-threeparttable texlive-thumbpdf texlive-times texlive-tipa texlive-titlesec texlive-titling texlive-tocloft texlive-tools texlive-translator texlive-trimspaces texlive-txfonts texlive-type1cm texlive-typehtml texlive-ucharcat texlive-ucharclasses texlive-ucs texlive-uhc texlive-ulem texlive-underscore texlive-unicode-data texlive-unicode-math texlive-uniquecounter texlive-unisugar texlive-updmap-map texlive-upquote texlive-url texlive-utopia texlive-varwidth texlive-wadalab texlive-was texlive-wasy texlive-wasy-type1 texlive-wasysym texlive-wrapfig texlive-xcolor texlive-xdvi texlive-xecjk texlive-xecolor texlive-xecyr texlive-xeindex texlive-xepersian texlive-xesearch texlive-xetex texlive-xetex-itrans texlive-xetex-pstricks texlive-xetex-tibetan texlive-xetexconfig texlive-xetexfontinfo texlive-xifthen texlive-xkeyval texlive-xltxtra texlive-xmltex texlive-xmltexconfig texlive-xstring texlive-xtab texlive-xunicode texlive-zapfchan texlive-zapfding texlive-zref flac flac-devel flac-libs python3-lxml openjpeg2 openjpeg2-devel openjpeg2-tools fribidi fribidi-devel bind9.18 bind9.18-chroot bind9.18-devel bind9.18-dnssec-utils bind9.18-doc bind9.18-libs bind9.18-utils python3-tbb tbb tbb-devel tbb-doc bzip2 bzip2-devel bzip2-libs galera mariadb mariadb-backup mariadb-common mariadb-devel mariadb-embedded mariadb-embedded-devel mariadb-errmsg mariadb-gssapi-server mariadb-oqgraph-engine mariadb-pam mariadb-server mariadb-server-galera mariadb-server-utils mariadb-test keepalived gcc-toolset-14-gcc gcc-toolset-14-gcc-c++ gcc-toolset-14-gcc-gfortran gcc-toolset-14-gcc-plugin-annobin gcc-toolset-14-gcc-plugin-devel gcc-toolset-14-libasan-devel gcc-toolset-14-libatomic-devel gcc-toolset-14-libgccjit gcc-toolset-14-libgccjit-devel gcc-toolset-14-libitm-devel gcc-toolset-14-liblsan-devel gcc-toolset-14-libquadmath-devel gcc-toolset-14-libstdc++-devel gcc-toolset-14-libstdc++-docs gcc-toolset-14-libtsan-devel gcc-toolset-14-libubsan-devel gcc-toolset-14-offload-nvptx libasan8 libtsan2 gcc-toolset-13-gcc gcc-toolset-13-gcc-c++ gcc-toolset-13-gcc-gfortran gcc-toolset-13-gcc-plugin-annobin gcc-toolset-13-gcc-plugin-devel gcc-toolset-13-libasan-devel gcc-toolset-13-libatomic-devel gcc-toolset-13-libgccjit gcc-toolset-13-libgccjit-devel gcc-toolset-13-libitm-devel gcc-toolset-13-liblsan-devel gcc-toolset-13-libquadmath-devel gcc-toolset-13-libstdc++-devel gcc-toolset-13-libstdc++-docs gcc-toolset-13-libtsan-devel gcc-toolset-13-libubsan-devel gcc-toolset-13-offload-nvptx doxygen doxygen-doxywizard doxygen-latex grub2-efi-aa64 grub2-efi-aa64-cdboot grub2-efi-aa64-modules opentelemetry-collector delve golang-race libxslt libxslt-devel 389-ds-base-snmp nginx nginx-all-modules nginx-core nginx-filesystem nginx-mod-devel nginx-mod-http-image-filter nginx-mod-http-perl nginx-mod-http-xslt-filter nginx-mod-mail nginx-mod-stream xdg-utils yelp yelp-devel yelp-libs xterm xterm-resize avahi-autoipd avahi-gobject avahi-gobject-devel python3-requests python3-requests+security python3-requests+socks iptraf-ng rsync-rrsync kernel-rt-64k kernel-rt-64k-core kernel-rt-64k-debug kernel-rt-64k-debug-core kernel-rt-64k-debug-devel kernel-rt-64k-debug-modules kernel-rt-64k-debug-modules-core kernel-rt-64k-debug-modules-extra kernel-rt-64k-devel kernel-rt-64k-modules kernel-rt-64k-modules-core kernel-rt-64k-modules-extra gvisor-tap-vsock-gvforwarder perl-Module-ScanDeps corosync corosync-vqsim corosynclib corosynclib-devel keylime-agent-rust python3.12-cryptography aardvark-dns bootc system-reinstall-bootc gstreamer1 gstreamer1-devel bootupd mpg123 mpg123-devel mpg123-libs mpg123-plugins-pulseaudio perl-App-cpanminus tuned tuned-gtk tuned-ppd tuned-profiles-atomic tuned-profiles-cpu-partitioning tuned-profiles-mssql tuned-profiles-nfv tuned-profiles-nfv-guest tuned-profiles-nfv-host tuned-profiles-oracle tuned-profiles-postgresql tuned-profiles-realtime tuned-profiles-sap tuned-profiles-sap-hana tuned-profiles-spectrumscale tuned-utils ipa-client-encrypted-dns ipa-server-encrypted-dns gstreamer1-plugins-bad-free-libs unbound-dracut varnish varnish-devel varnish-docs perl-FCGI mod_security mod_security-mlogc apache-commons-beanutils weldr-client libblockdev libblockdev-crypto libblockdev-dm libblockdev-fs libblockdev-kbd libblockdev-loop libblockdev-lvm libblockdev-lvm-dbus libblockdev-mdraid libblockdev-mpath libblockdev-nvdimm libblockdev-nvme libblockdev-part libblockdev-plugins-all libblockdev-swap libblockdev-tools libblockdev-utils python3-blockdev v8-12.4-devel /etc/dnf/modules.d/redis.module \[redis\][\w\W]* 1 /etc/dnf/modules.d/php.module \[php\][\w\W]* 1 apcu-panel php-pecl-apcu php-pecl-apcu-devel php-pecl-rrd php-pecl-xdebug3 php-pecl-zip php-pecl-redis6 /etc/dnf/modules.d/nginx.module \[nginx\][\w\W]* 1 /etc/dnf/modules.d/mariadb.module \[mariadb\][\w\W]* 1 pgvector gnome-remote-desktop perl-File-Find-Rule iputils iputils-ninfod perl-YAML-LibYAML jq jq-devel socat cloud-init libtpms icu libicu libicu-devel pki-jackson-annotations pki-jackson-core pki-jackson-jaxrs-json-provider pki-jackson-jaxrs-providers pki-jackson-module-jaxb-annotations qt5-qt3d qt5-qt3d-devel qt5-qt3d-examples aide libudisks2 libudisks2-devel udisks2 udisks2-iscsi udisks2-lsm udisks2-lvm2 /etc/dnf/modules.d/mysql.module \[mysql\][\w\W]* 1 mecab mecab-devel mecab-ipadic mecab-ipadic-EUCJP mysql-test-data rapidjson-devel rapidjson-doc msvsphere-configs-common msvsphere-configs-gnome msvsphere-configs-gnome-software command-line-assistant command-line-assistant-selinux kernel-lt kernel-lt-core kernel-lt-devel kernel-lt-devel-matched kernel-lt-doc kernel-lt-headers kernel-lt-modules kernel-lt-modules-extra kernel-lt-tools kernel-lt-tools-libs kernel-lt-tools-libs-devel perl-JSON-XS open-vm-tools open-vm-tools-desktop open-vm-tools-salt-minion open-vm-tools-sdmp open-vm-tools-test python3-kdcproxy lasso lasso-devel python3-lasso shadow-utils shadow-utils-subid shadow-utils-subid-devel x86_64 0:8.7p1-38.el9_4.4 x86_64 0:0.10.4-5.38.el9_4.4 x86_64 7:5.5-13.el9_4 x86_64 0:115.12.0-1.el9_4.inferit x86_64 1:2.3.3op2-27.el9_4.inferit i686|x86_64 1:2.3.3op2-27.el9_4.inferit 1:2.3.3op2-27.el9_4.inferit i686|x86_64 0:3.9.18-3.el9_4.3 0:3.9.18-3.el9_4.3 x86_64 0:1.2.49-1.el9_4 x86_64 0:1.3.20-1.el9_4 x86_64 17:8.2.0-11.el9_4.4.inferit x86_64 4:1.1.12-3.el9_4 i686|x86_64 0:3.11.7-1.el9_4.3 i686|x86_64 0:1.12.9-1.el9_4 0:1.12.9-1.el9_4 1:39.31.5.1-143.1.el9_4 0:39.31.5.1-143.1.el9_4 0:18.168.6.1-143.1.el9_4 1:25.30.13.0-143.1.el9_4 0:8.83.5.1_1-143.1.el9_4 0:8.24.2.2-143.1.el9_4 0:41.28.5.1-143.1.el9_4 0:20240603-143.1.el9_4 x86_64 0:115.13.0-3.el9_4.inferit x86_64 2:1.14.3-3.el9_4 x86_64 1:1.4.0-4.el9_4 x86_64 0:10.0.0-6.6.el9_4 x86_64 1:7.1.8.1-12.el9_4.inferit 1:7.1.8.1-12.el9_4.inferit x86_64 0:4.10.0-62.el9_4.4 0:4.10.0-62.el9_4.4 x86_64 0:6.0.32-1.el9_4 x86_64 0:6.0.132-1.el9_4 x86_64 6:0.7.3-4.el9_4 x86_64 4:4.9.4-5.el9_4 4:4.9.4-5.el9_4 x86_64 0:2.4.5-8.el9_4 0:2.4.5-8.el9_4 x86_64 0:311.2-1.el9_4.inferit 0:311.2-1.el9_4.inferit x86_64 2:1.33.6-2.el9 x86_64 0:590-4.el9_4 x86_64 0:115.11.0-1.el9_4.inferit 0:20231122-6.el9_4.2 x86_64 0:20231122-6.el9_4.2 x86_64 0:2.4.57-11.el9_4.inferit 0:2.4.57-11.el9_4.inferit x86_64 1:2.4.57-11.el9_4.inferit 1:9.0.87-1.el9_4.1 i686|x86_64 0:3.11.7-1.el9 i686|x86_64 0:1.8-6.el9_4 x86_64 0:10.0.0-6.2.el9_4 x86_64 32:9.16.23-18.el9_4.1 i686|x86_64 32:9.16.23-18.el9_4.1 32:9.16.23-18.el9_4.1 x86_64 0:11.9-9.el9_4.inferit 0:0.8-5.el9_4 x86_64 4:4.9.4-4.el9_4 4:4.9.4-4.el9_4 x86_64 0:4.10.0-62.el9_4.3 0:4.10.0-62.el9_4.3 x86_64 2:1.14.3-2.el9_4 x86_64 0:4.11.0-15.el9_4 0:4.11.0-15.el9_4 x86_64 1:3.0.7-27.el9 i686|x86_64 1:3.0.7-27.el9 i686|x86_64 0:0.8-20.el9 x86_64 0:0.8-20.el9 x86_64 2:1.33.7-1.el9_4 i686|x86_64 0:4.4.0-12.el9 x86_64 0:4.4.0-12.el9 x86_64 2:2.11.2-1.el9 i686|x86_64 2:2.11.2-1.el9 i686|x86_64 0:1.5.1-19.el9 x86_64 0:1.5.1-19.el9 x86_64 0:2.4.57-8.el9.inferit 0:2.4.57-8.el9.inferit x86_64 1:2.4.57-8.el9.inferit i686|x86_64 0:5.15.9-9.el9 0:5.15.9-9.el9 0:20231122-6.el9 x86_64 0:20231122-6.el9 1:2.06-77.el9.inferit x86_64 1:2.06-77.el9.inferit x86_64 1:2.14.14-1.el9 0:252-32.el9_4.inferit.1 i686|x86_64 0:252-32.el9_4.inferit.1 x86_64 0:252-32.el9_4.inferit.1 x86_64 2:1.14.3-0.1.el9 x86_64 1:1.4.0-2.el9_4 x86_64 0:22.1.9-5.el9 0:6.2.0-1.el9 x86_64 0:6.2.0-1.el9 i686|x86_64 0:6.2.0-1.el9 x86_64 0:2024.3-3.el9_4 i686|x86_64 0:2024.3-3.el9_4 x86_64 6:0.7.3-3.el9_4 x86_64 0:1.20.11-24.el9 i686|x86_64 0:1.20.11-24.el9 0:1.20.11-24.el9 x86_64 4:1.1.12-2.el9 x86_64 2:4.9.4-0.1.el9 2:4.9.4-0.1.el9 0:4.10.0-62.el9 x86_64 0:4.10.0-62.el9 i686|x86_64 0:1.18.1-3.el9 0:1.18.1-3.el9 x86_64 0:1.18.1-3.el9 x86_64 0:4.11.0-9.el9_4 0:4.11.0-9.el9_4 x86_64 17:8.2.0-11.el9_4.inferit x86_64 0:0.0.99.5-2.el9 x86_64 1:1.4.0-3.el9_4 0:11.5.0-2.el9_4 x86_64 0:11.5.0-2.el9_4 x86_64 2:1.33.7-2.el9_4 x86_64|i686 0:2.34-100.el9_4.2 x86_64 0:2.34-100.el9_4.2 i686|x86_64 0:2.34-100.el9_4.2 0:2.34-100.el9_4.2 i686|x86_64 0:1.43.0-5.el9_4.3 x86_64 0:1.43.0-5.el9_4.3 0:2.11.3-5.el9 x86_64 0:2.0.26-1.el9 x86_64 0:101-1.el9.inferit x86_64 0:1.13.1-8.el9 0:1.13.1-8.el9 x86_64 0:0.11.7-2.el9_4 x86_64 0:8.0.7-1.el9_4 x86_64 0:8.0.107-1.el9_4 x86_64 0:9.2.10-16.el9_4 x86_64 0:1.21.9-2.el9_4 0:1.21.9-2.el9_4 x86_64 0:3.0.21-40.el9_4 x86_64 0:1.21.11-1.el9_4 0:1.21.11-1.el9_4 x86_64 0:8.7p1-38.el9_4.1 x86_64 0:0.10.4-5.38.el9_4.1 x86_64 0:4.12-2.el9_4 x86_64 0:10.0.0-6.el9_4 x86_64 0:5.1.1-2.el9_4 x86_64 0:8.0.5-1.el9_4 x86_64 0:8.0.105-1.el9_4 x86_64 0:3.4.1-2.el9_4 x86_64 0:6.2.0-2.el9_4 x86_64|i686 0:6.2.0-2.el9_4 0:6.2.0-2.el9_4 i686|x86_64 0:6.2.0-2.el9_4 x86_64 0:1.13.1-8.el9_4.3 0:1.13.1-8.el9_4.3 x86_64|i686 0:2.9.4-6.el9_4 i686|x86_64 0:2.9.4-6.el9_4 x86_64 0:2.9.4-6.el9_4 0:2.9.4-6.el9_4 x86_64 2:1.33.7-3.el9_4 x86_64 4:4.9.4-3.el9_4 4:4.9.4-3.el9_4 x86_64 0:2.4.57-11.el9_4.1.inferit 0:2.4.57-11.el9_4.1.inferit x86_64 1:2.4.57-11.el9_4.1.inferit i686|x86_64 0:2.42.5-1.el9 x86_64 1:7.1.8.1-13.el9_4.inferit 1:7.1.8.1-13.el9_4.inferit 1:9.0.87-1.el9_4.2 x86_64 0:2.4.5-9.el9_4 0:2.4.5-9.el9_4 x86_64 0:7.76.1-29.el9_4.1 i686|x86_64 0:7.76.1-29.el9_4.1 0:53.0.0-12.el9_4.1 0:68.2.2-3.el9_4.1 0:65.5.1-2.el9_4.1 x86_64 32:9.16.23-18.el9_4.6 i686|x86_64 32:9.16.23-18.el9_4.6 32:9.16.23-18.el9_4.6 x86_64 0:11.9-10.el9_4 x86_64 0:8.0.8-1.el9_4 x86_64 0:8.0.108-1.el9_4 x86_64 0:128.0.6613.113-1.el9.inferit \nstream\s*=\s*18\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*18\b x86_64 1:18.20.4-1.module+el9.4.0+461+eb900a2c 1:18.20.4-1.module+el9.4.0+461+eb900a2c 0:3.0.1-1.module+el9.2.0+19+4af52535 0:2021.06-4.module+el9.2.0+5+86102435 x86_64 1:10.7.0-1.18.20.4.1.module+el9.4.0+461+eb900a2c x86_64 0:13.16-1.el9_4 i686|x86_64 0:3.12.1-4.el9_4.3 x86_64 0:115.14.0-1.el9_4.inferit x86_64 2:1.14.5-1.el9_4 x86_64 4:4.9.4-10.el9_4 4:4.9.4-10.el9_4 x86_64 2:1.33.7-4.el9_4 x86_64 4:1.1.12-4.el9_4 x86_64 1:1.4.0-5.el9_4 x86_64 6:0.7.3-5.el9_4 i686|x86_64 0:3.11.7-1.el9_4.5 i686|x86_64 0:0.4.31-7.el9_4 x86_64 0:0.4.31-7.el9_4 i686|x86_64 0:3.9.18-3.el9_4.5 0:3.9.18-3.el9_4.5 i686|x86_64 0:1.21.1-2.el9_4 x86_64 0:1.21.1-2.el9_4 0:1.26.5-5.el9_4.1 x86_64 0:115.14.0-2.el9_4.inferit x86_64 0:128.0.6613.119-1.el9.inferit x86_64 0:128.0.6613.137-1.el9.inferit.1 x86_64 1:18.20.2-2.module+el9.4.0+264+64a83471 1:18.20.2-2.module+el9.4.0+264+64a83471 x86_64 1:10.5.0-1.18.20.2.2.module+el9.4.0+264+64a83471 i686|x86_64 1:2.3.16-11.el9_4.1 x86_64 1:2.3.16-11.el9_4.1 \nstream\s*=\s*15\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*15\b x86_64 0:1.4.8-1.module+el9.2.0+10+91bde804 x86_64 0:1.7.0-1.module+el9.2.0+10+91bde804 x86_64 0:1.9.7-1.Final.module+el9.2.0+10+91bde804 x86_64 0:15.8-1.module+el9.4.0+456+dd704415 0:15.8-1.module+el9.4.0+456+dd704415 1:27.2-10.el9_4.inferit \nstream\s*=\s*16\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*16\b x86_64 0:1.4.8-1.module+el9.4.0+31+00b1fe72 x86_64 0:16.0-1.module+el9.4.0+31+00b1fe72 x86_64 0:2.4.0-1.Final.module+el9.4.0+31+00b1fe72 x86_64 0:16.4-1.module+el9.4.0+453+80b4f15c 0:16.4-1.module+el9.4.0+453+80b4f15c \nstream\s*=\s*3.1\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*3.1\b i686|x86_64 0:3.1.5-144.module+el9.4.0+384+64ab7a20 0:3.1.5-144.module+el9.4.0+384+64ab7a20 i686|x86_64 0:3.1.1-144.module+el9.4.0+384+64ab7a20 0:2.3.27-144.module+el9.4.0+384+64ab7a20 i686|x86_64 0:0.5.11-144.module+el9.4.0+384+64ab7a20 0:1.4.1-144.module+el9.4.0+384+64ab7a20 i686|x86_64 0:2.6.1-144.module+el9.4.0+384+64ab7a20 0:5.15.0-144.module+el9.4.0+384+64ab7a20 x86_64 0:0.5.4-1.module+el9.2.0+7+7f5357fe 0:0.5.4-1.module+el9.2.0+7+7f5357fe x86_64 0:1.3.5-1.module+el9.2.0+7+7f5357fe 0:1.3.5-1.module+el9.2.0+7+7f5357fe 0:2.0.1-144.module+el9.4.0+384+64ab7a20 i686|x86_64 0:4.0.4-144.module+el9.4.0+384+64ab7a20 0:13.0.6-144.module+el9.4.0+384+64ab7a20 i686|x86_64 0:2.7.0-144.module+el9.4.0+384+64ab7a20 0:6.4.1.1-144.module+el9.4.0+384+64ab7a20 0:3.2.5-144.module+el9.4.0+384+64ab7a20 0:0.2.9-144.module+el9.4.0+384+64ab7a20 0:3.5.3-144.module+el9.4.0+384+64ab7a20 0:0.21.3-144.module+el9.4.0+384+64ab7a20 0:3.3.27-144.module+el9.4.0+384+64ab7a20 \nstream\s*=\s*3.3\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*3.3\b i686|x86_64 0:3.3.1-2.module+el9.4.0+385+d40d7575 0:3.3.1-2.module+el9.4.0+385+d40d7575 i686|x86_64 0:3.1.5-2.module+el9.4.0+385+d40d7575 0:2.5.9-2.module+el9.4.0+385+d40d7575 i686|x86_64 0:0.7.1-2.module+el9.4.0+385+d40d7575 0:1.11.0-2.module+el9.4.0+385+d40d7575 i686|x86_64 0:2.7.1-2.module+el9.4.0+385+d40d7575 0:5.20.0-2.module+el9.4.0+385+d40d7575 x86_64 0:0.5.5-1.module+el9.4.0+34+c6ba5507 0:0.5.5-1.module+el9.4.0+34+c6ba5507 x86_64 0:1.5.4-1.module+el9.4.0+34+c6ba5507 0:1.5.4-1.module+el9.4.0+34+c6ba5507 0:2.0.3-2.module+el9.4.0+385+d40d7575 i686|x86_64 0:5.1.2-2.module+el9.4.0+385+d40d7575 i686|x86_64 0:1.7.3-2.module+el9.4.0+385+d40d7575 0:13.1.0-2.module+el9.4.0+385+d40d7575 i686|x86_64 0:3.4.0-2.module+el9.4.0+385+d40d7575 0:6.6.3.1-2.module+el9.4.0+385+d40d7575 0:3.2.6-2.module+el9.4.0+385+d40d7575 0:0.3.0-2.module+el9.4.0+385+d40d7575 0:3.6.1-2.module+el9.4.0+385+d40d7575 0:0.21.9-2.module+el9.4.0+385+d40d7575 0:3.5.9-2.module+el9.4.0+385+d40d7575 \nstream\s*=\s*20\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*20\b x86_64 1:20.16.0-1.module+el9.4.0+449+6c94964f 1:20.16.0-1.module+el9.4.0+449+6c94964f 0:3.0.1-1.module+el9.3.0+18+c798b6fe 0:2021.06-4.module+el9.3.0+18+c798b6fe x86_64 1:10.8.1-1.20.16.0.1.module+el9.4.0+449+6c94964f x86_64 1:20.12.2-2.module+el9.4.0+263+7d20c6a7 1:20.12.2-2.module+el9.4.0+263+7d20c6a7 x86_64 1:10.5.0-1.20.12.2.2.module+el9.4.0+263+7d20c6a7 x86_64 0:128.2.0-1.el9_4.inferit x86_64 0:4.10.0-62.el9_4.5 0:4.10.0-62.el9_4.5 x86_64 0:129.0.6668.58-1.el9.inferit x86_64 1:3.0.7-28.el9_4 i686|x86_64 1:3.0.7-28.el9_4 i686|x86_64 0:3.3.5-3.module+el9.4.0+464+27946535 0:3.3.5-3.module+el9.4.0+464+27946535 i686|x86_64 0:3.1.5-3.module+el9.4.0+464+27946535 0:2.5.16-3.module+el9.4.0+464+27946535 i686|x86_64 0:0.7.1-3.module+el9.4.0+464+27946535 0:1.13.1-3.module+el9.4.0+464+27946535 i686|x86_64 0:2.7.1-3.module+el9.4.0+464+27946535 0:5.20.0-3.module+el9.4.0+464+27946535 0:2.0.3-3.module+el9.4.0+464+27946535 i686|x86_64 0:5.1.2-3.module+el9.4.0+464+27946535 i686|x86_64 0:1.7.3-3.module+el9.4.0+464+27946535 0:13.1.0-3.module+el9.4.0+464+27946535 i686|x86_64 0:3.4.0-3.module+el9.4.0+464+27946535 0:6.6.3.1-3.module+el9.4.0+464+27946535 0:3.3.6-3.module+el9.4.0+464+27946535 0:0.3.1-3.module+el9.4.0+464+27946535 0:3.6.1-3.module+el9.4.0+464+27946535 0:0.21.9-3.module+el9.4.0+464+27946535 0:3.5.16-3.module+el9.4.0+464+27946535 x86_64 0:6.2.0-5.el9_4 i686|x86_64 0:6.2.0-5.el9_4 0:6.2.0-5.el9_4 x86_64|i686 0:6.2.0-5.el9_4 i686|x86_64 0:1.18.1-4.el9_4 0:1.18.1-4.el9_4 x86_64 0:1.18.1-4.el9_4 x86_64 0:1.28.7-17.el9_4 i686|x86_64 0:1.28.7-17.el9_4 x86_64 0:128.3.0-1.el9_4.inferit x86_64 0:1.21.13-4.el9_4 0:1.21.13-4.el9_4 0:39.31.5.1-143.3.el9_4 1:39.31.5.1-143.3.el9_4 0:18.168.6.1-143.3.el9_4 1:25.30.13.0-143.3.el9_4 0:8.83.5.1_1-143.3.el9_4 0:8.24.2.2-143.3.el9_4 0:41.28.5.1-143.3.el9_4 0:20240905-143.3.el9_4 x86_64 1:5.9.1-13.el9_4.3 i686|x86_64 1:5.9.1-13.el9_4.3 x86_64 0:101-2.el9_4.inferit x86_64 4:4.9.4-13.el9_4 4:4.9.4-13.el9_4 x86_64 0:128.3.1-2.el9_4.inferit x86_64 2:1.33.9-1.el9_4 x86_64 1:1.4.0-6.el9_4 x86_64 2:1.14.5-2.el9_4 x86_64 0:128.3.1-1.el9_4.inferit i686|x86_64 0:2.0.32-5.el9_4 x86_64 0:130.0.6723.58-1.el9.inferit x86_64 0:1.21.10-1.el9_4 0:1.21.10-1.el9_4 x86_64 1:17.0.13.0.11-3.el9.inferit x86_64 1:11.0.25.0.9-2.el9.inferit x86_64 1:1.8.0.432.b06-2.el9.inferit 1:1.8.0.432.b06-2.el9.inferit i686|x86_64 0:4.4.0-12.el9_4.1 x86_64 0:4.4.0-12.el9_4.1 0:20231122-6.el9_4.4 x86_64 0:20231122-6.el9_4.4 i686|x86_64 0:3.11.7-1.el9_4.6 i686|x86_64 0:3.12.1-4.el9_4.4 i686|x86_64 0:2.46.1-2.el9_4 0:3.9.18-3.el9_4.6 i686|x86_64 0:3.9.18-3.el9_4.6 x86_64 0:9.2.10-19.el9_4 x86_64 2:1.33.10-1.el9_4 0:39.31.5.1-143.2.el9_4 1:39.31.5.1-143.2.el9_4 0:18.168.6.1-143.2.el9_4 1:25.30.13.0-143.2.el9_4 0:8.83.5.1_1-143.2.el9_4 0:8.24.2.2-143.2.el9_4 0:41.28.5.1-143.2.el9_4 0:20240716-143.2.el9_4 x86_64 0:3.1.1-2.el9_4.1 i686|x86_64 0:3.1.1-2.el9_4.1 0:20240524-6.el9_5.inferit x86_64|aarch64 0:20240524-6.el9_5.inferit x86_64|aarch64 0:1.2.22-4.el9_5 i686|x86_64|aarch64 0:2.46.3-1.el9_5 0:1.1.0-3.el9 x86_64|aarch64 2:3.5.25-1.el9 0:1.0.2-2.el9 x86_64|aarch64 1:1.48.10-2.el9_5.inferit 1:1.48.10-2.el9_5.inferit i686|x86_64|aarch64 1:1.48.10-2.el9_5.inferit i686|x86_64|aarch64 0:3.11.9-7.el9 x86_64|aarch64 0:2.4.62-1.el9.inferit 0:2.4.62-1.el9.inferit x86_64|aarch64 1:2.4.62-1.el9.inferit x86_64|aarch64 4:5.2.2-9.el9_5 4:5.2.2-9.el9_5 i686|x86_64|aarch64 0:3.12.5-2.el9_5.1 x86_64|aarch64 0:5.1.1-9.el9_5 i686|x86_64|aarch64 0:1.21.1-4.el9_5 x86_64|aarch64 0:1.21.1-4.el9_5 x86_64|aarch64 0:10.2.6-7.el9_5 0:1.26.12-2.el9_5.1 x86_64|aarch64 0:5.72-2.el9 i686|x86_64|aarch64 0:5.72-2.el9 i686|x86_64|aarch64 0:1.10.0-11.el9 0:3.9.19-8.el9_5.1 i686|x86_64|aarch64 0:3.9.19-8.el9_5.1 i686|x86_64|aarch64 0:20201107-6.el9 x86_64|aarch64 1:2.3.3op2-31.el9_5.inferit.1 i686|x86_64|aarch64 1:2.3.3op2-31.el9_5.inferit.1 1:2.3.3op2-31.el9_5.inferit.1 x86_64|aarch64 0:5.6.1-6.el9 i686|x86_64|aarch64 0:3.11.9-7.el9_5.1 4:20240910-1.el9_5 x86_64|aarch64 2:1.37.5-1.el9_5 x86_64|aarch64 4:1.1.13-4.el9 0:1.5.6-2.el9 x86_64|aarch64 0:5.2-4.el9 i686|x86_64|aarch64 0:3.12.5-2.el9 x86_64|aarch64 17:9.0.0-10.el9_5.inferit x86_64 17:9.0.0-10.el9_5.inferit x86_64|aarch64 0:0.21.1-1.el9 i686|x86_64|aarch64 0:2.44.3-2.el9 i686|x86_64|aarch64 0:1.0.18-4.el9 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-3])\.)|(5\.14\.0-503\.14\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.14\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-3])\.)|(5\.14\.0-503\.14\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.14\.0\.) x86_64|aarch64 0:7.4.0-503.14.1.el9_5 x86_64|aarch64 0:5.14.0-503.14.1.el9_5 aarch64 0:5.14.0-503.14.1.el9_5 0:5.14.0-503.14.1.el9_5 x86_64 0:5.14.0-503.14.1.el9_5 x86_64|aarch64 2:1.37.2-1.el9 x86_64|aarch64 0:40.10-21.el9.inferit x86_64|aarch64 2:1.16.1-1.el9 x86_64|aarch64 0:1.20.11-26.el9 i686|x86_64|aarch64 0:1.20.11-26.el9 0:1.20.11-26.el9 0:3.9.19-8.el9 i686|x86_64|aarch64 0:3.9.19-8.el9 x86_64|aarch64 0:118-2.el9_5.inferit 0:2.6.1-3.el9 0:1.26.18-2.el9_5.1 x86_64|aarch64 2:8.2.2637-21.el9 2:8.2.2637-21.el9 x86_64|aarch64 0:0.4.1-8.el9_5 i686|x86_64|aarch64 0:1.12.9-3.el9_5 0:1.12.9-3.el9_5 0:2.78.6-1.el9 x86_64|aarch64 1:3.2.2-6.el9_5.inferit i686|x86_64|aarch64 1:3.2.2-6.el9_5.inferit i686|x86_64|aarch64 0:1.21.1-3.el9 x86_64|aarch64 0:1.21.1-3.el9 x86_64|aarch64 0:323.1-1.el9_5.inferit 0:323.1-1.el9_5.inferit x86_64|aarch64 1:27.2-10.el9_4.inferit x86_64|aarch64 0:3.4.8-1.el9 i686|x86_64|aarch64 0:3.4.8-1.el9 x86_64|aarch64 0:1.2.10-2.el9 x86_64|aarch64 0:2.4.10-1.el9 i686|x86_64|aarch64 0:21.01.0-21.el9 0:21.01.0-21.el9 x86_64|aarch64 0:21.01.0-21.el9 i686|x86_64|aarch64 0:3.9-13.el9 x86_64|aarch64 0:14-1.el9 i686|x86_64|aarch64 0:14-1.el9 x86_64|aarch64 0:0.30.0-6.el9 0:0.30.0-6.el9 x86_64|aarch64 0:3.24.31-5.el9 i686|x86_64|aarch64 0:3.24.31-5.el9 0:2.11.3-6.el9 x86_64|aarch64 0:10.2.6-4.el9 x86_64|aarch64 0:10.5.0-7.el9_5 x86_64|aarch64 0:0.0.99.5-5.el9 x86_64|aarch64 2:5.2.2-1.el9 2:5.2.2-1.el9 i686|x86_64|aarch64 0:23.2.7-1.el9 x86_64|aarch64 1:1.5.1-2.el9 x86_64|aarch64 2:2.11.7-1.el9 i686|x86_64|aarch64 2:2.11.7-1.el9 x86_64|aarch64 0:128.4.0-1.el9_5.inferit x86_64|aarch64 0:128.4.0-1.el9_5.inferit.1 x86_64|aarch64 0:6.2.2-7.el9_5 i686|x86_64|aarch64 0:6.2.2-7.el9_5 0:6.2.2-7.el9_5 x86_64 0:6.2.2-7.el9_5 aarch64|x86_64 0:6.2.2-7.el9_5 i686|x86_64|aarch64 0:1.9.0-8.el9_5 x86_64|aarch64 7:5.5-14.el9_5.3 i686|x86_64|aarch64 0:2.72.0-8.el9_5.2 x86_64|aarch64 0:3.1.1-2.el9_5.1 i686|x86_64|aarch64 0:3.1.1-2.el9_5.1 i686|x86_64|aarch64 0:2.5.0-3.el9_5.1 x86_64|aarch64 0:9.0.0-1.el9_5 x86_64|aarch64 0:9.0.100-1.el9_5 x86_64 4:4.9.4-16.el9_4 4:4.9.4-16.el9_4 x86_64|aarch64 0:128.4.0-1.el9_4.inferit x86_64|aarch64 0:2.0.26-2.el9_4.1 x86_64|aarch64 0:8.0.10-1.el9_4 x86_64|aarch64 0:8.0.110-1.el9_4 x86_64|aarch64 0:6.0.35-1.el9_4 x86_64|aarch64 0:6.0.135-1.el9_4 x86_64|aarch64 0:1.2.50-1.el9_4.1 x86_64|aarch64 0:3.4.1-4.el9_4 x86_64|aarch64 0:5.1.1-3.el9_4 x86_64|aarch64 0:0.4.1-7.el9_4 i686|x86_64|aarch64 0:1.12.9-3.el9_4 0:1.12.9-3.el9_4 i686|x86_64|aarch64 0:9.54.0-17.el9_4 0:9.54.0-17.el9_4 x86_64|aarch64 0:9.54.0-17.el9_4 x86_64|aarch64 0:1.21.1-8.el9_4 1:7.1.8.1-14.el9_4.inferit x86_64 1:7.1.8.1-14.el9_4.inferit x86_64|aarch64 1:7.1.8.1-14.el9_4.inferit i686|x86_64|aarch64 1:1.42.0-2.el9_4 i686|x86_64|aarch64 0:5.15.9-10.el9_4 0:5.15.9-10.el9_4 i686|x86_64|aarch64 0:2.68.4-14.el9_4.1 0:2.68.4-14.el9_4.1 x86_64|aarch64 0:2.68.4-14.el9_4.1 i686|x86_64|aarch64 0:2.5.0-2.el9_4.1 x86_64|aarch64 1:21.0.5.0.10-3.el9.inferit 0:2024.2.69_v8.0.303-91.4.el9_4.inferit.1 x86_64|aarch64 1:21.0.4.0.7-1.el9.inferit x86_64|aarch64 1:11.0.24.0.8-2.el9.inferit x86_64|aarch64 1:17.0.12.0.7-2.el9.inferit i686|x86_64|aarch64 0:1.19.1-2.el9_4 x86_64|aarch64 0:1.1-1.el9_4.1 0:1.1-1.el9_4.1 0:2.10-7.el9_4.1 x86_64|aarch64 0:7.0.19-1.el9_4 x86_64|aarch64 0:7.0.119-1.el9_4 i686|x86_64|aarch64 0:3.8.3-4.el9_4 x86_64|aarch64 0:3.8.3-4.el9_4 x86_64|aarch64 0:2.0.26-2.el9_4 x86_64|aarch64 3:2.1.0-18.el9 x86_64|aarch64 0:1.2.2-2.el9 i686|x86_64|aarch64 0:0.13.71-11.el9_4 x86_64|aarch64 0:0.13.71-11.el9_4 i686|x86_64|aarch64 0:3.2.1-10.el9 i686|x86_64|aarch64 0:1.22.1-2.el9 0:2.78.0-1.el9 i686|x86_64|aarch64 0:1.22.1-4.el9 x86_64|aarch64 5:2.2.6-2.el9 x86_64|aarch64 14:4.99.0-9.el9 i686|x86_64|aarch64 0:2.7.4-10.el9 x86_64|aarch64 0:4.4-10.git1.el9 i686|x86_64|aarch64 0:3.5.13-10.el9 i686|x86_64|aarch64 0:1.7.0-9.el9 0:1.7.0-9.el9 x86_64|aarch64 4:5.32.1-481.el9 0:1.01-481.el9 0:5.74-481.el9 x86_64|aarch64 0:1.80-481.el9 0:1.23-481.el9 0:0.66-481.el9 0:0.03-481.el9 0:0.06-481.el9 x86_64|aarch64 0:1.28-481.el9 0:1.06-481.el9 0:1.05-481.el9 0:2.27-481.el9 x86_64|aarch64 0:1.47-481.el9 0:1.11-481.el9 x86_64|aarch64 0:1.30-481.el9 0:0.25-481.el9 0:1.35-481.el9 0:1.09-481.el9 x86_64|aarch64 0:1.13-481.el9 0:2.85-481.el9 0:1.100.600-481.el9 0:2.34-481.el9 x86_64|aarch64 0:1.12-481.el9 0:1.37-481.el9 0:1.10-481.el9 0:2.03-481.el9 0:1.51-481.el9 x86_64|aarch64 0:1.18-481.el9 0:1.12-481.el9 x86_64|aarch64 0:0.23-481.el9 x86_64|aarch64 0:1.20-481.el9 0:1.02-481.el9 0:0.44-481.el9 x86_64|aarch64 0:0.19-481.el9 x86_64|aarch64 0:1.43-481.el9 0:1.21-481.el9 1:0.21-481.el9 0:1.59-481.el9 0:1.03-481.el9 1:0.08-481.el9 x86_64|aarch64 0:1.15-481.el9 0:0.67-481.el9 x86_64|aarch64 0:1.16-481.el9 x86_64|aarch64 0:1.48-481.el9 x86_64|aarch64 0:1.94-481.el9 0:1.13-481.el9 0:1.25-481.el9 0:2.41-481.el9 0:1.07-481.el9 0:1.26-481.el9 0:1.08-481.el9 x86_64|aarch64 0:1.23-481.el9 0:1.403-481.el9 0:1.17-481.el9 0:1.31-481.el9 0:3.05-481.el9 0:2.13-481.el9 0:4.6-481.el9 0:1.1-481.el9 x86_64|aarch64 0:1.3401-481.el9 0:0.75-481.el9 0:1.56-481.el9 0:0.04-481.el9 i686|x86_64|aarch64 4:5.32.1-481.el9 0:5.32.1-481.el9 0:0.13-481.el9 0:0.60.800-481.el9 x86_64|aarch64 0:0.65-481.el9 4:5.32.1-481.el9 0:0.02-481.el9 x86_64|aarch64 0:5.32.1-481.el9 0:2.04-481.el9 0:1.04-481.el9 i686|x86_64|aarch64 0:1.0.31-8.el9 x86_64|aarch64 0:1.0.31-8.el9 x86_64|aarch64 0:1.22.1-2.el9 0:0.42.2-3.el9 i686|x86_64|aarch64 0:0.21.1-1.el9 i686|x86_64 0:0.21.1-1.el9 x86_64|aarch64 0:8.5.3-4.el9 0:8.5.3-4.el9 0:1.26.12-2.el9 x86_64|aarch64 1:1.8.0.422.b05-2.el9.inferit 1:1.8.0.422.b05-2.el9.inferit x86_64|aarch64 1:2.10-5.el9 i686|x86_64|aarch64 0:2.0.90-7.el9 x86_64|aarch64 0:2.0.90-7.el9 x86_64|aarch64 0:2.41-3.el9 x86_64|aarch64 0:37.0.2-6.el9 i686|x86_64|aarch64 0:3.0.7-162.el9_4 0:3.0.7-162.el9_4 x86_64|aarch64 0:3.0.0-162.el9_4 0:2.2.33-162.el9_4 x86_64|aarch64 0:0.5.7-162.el9_4 0:1.3.5-162.el9_4 x86_64|aarch64 0:2.5.1-162.el9_4 0:5.14.2-162.el9_4 0:1.2.1-162.el9_4 x86_64|aarch64 0:3.3.2-162.el9_4 0:13.0.3-162.el9_4 0:1.4.0-162.el9_4 0:6.3.4.1-162.el9_4 0:3.2.5-162.el9_4 0:0.2.9-162.el9_4 0:3.3.7-162.el9_4 0:0.15.2-162.el9_4 0:3.2.33-162.el9_4 i686|x86_64|aarch64 0:2.3.4-28.el9 i686|x86_64|aarch64 0:0.10.4-13.el9 0:0.10.4-13.el9 x86_64|aarch64 1:16.20.2-8.el9_4 1:16.20.2-8.el9_4 i686|x86_64|aarch64 1:16.20.2-8.el9_4 x86_64|aarch64 1:8.19.4-1.16.20.2.8.el9_4 i686|x86_64|aarch64 0:2.42.6-4.el9_4 x86_64|aarch64 0:5.39-16.el9 i686|x86_64|aarch64 0:5.39-16.el9 0:5.39-16.el9 i686|x86_64|aarch64 0:3.2.3-5.el9 x86_64|aarch64 0:3.2.3-5.el9 i686|x86_64|aarch64 0:2.9.13-6.el9_4 x86_64|aarch64 0:2.9.13-6.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-2])\.)|(5\.14\.0-427\.13\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.13\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-2])\.)|(5\.14\.0-427\.13\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.13\.0\.) x86_64 0:7.3.0-427.13.1.el9_4 x86_64 0:5.14.0-427.13.1.el9_4 0:5.14.0-427.13.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|30)\.)|(5\.14\.0-427\.31\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.31\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|30)\.)|(5\.14\.0-427\.31\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.31\.0\.) x86_64 0:7.3.0-427.31.1.el9_4 x86_64 0:5.14.0-427.31.1.el9_4 0:5.14.0-427.31.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-5])\.)|(5\.14\.0-427\.16\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.16\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-5])\.)|(5\.14\.0-427\.16\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.16\.0\.) x86_64 0:7.3.0-427.16.1.el9_4 x86_64 0:5.14.0-427.16.1.el9_4 0:5.14.0-427.16.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-4])\.)|(5\.14\.0-427\.35\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.35\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-4])\.)|(5\.14\.0-427\.35\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.35\.0\.) x86_64 0:7.3.0-427.35.1.el9_4 x86_64 0:5.14.0-427.35.1.el9_4 0:5.14.0-427.35.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-6])\.)|(5\.14\.0-427\.37\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.37\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-6])\.)|(5\.14\.0-427\.37\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.37\.0\.) x86_64 0:7.3.0-427.37.1.el9_4 x86_64 0:5.14.0-427.37.1.el9_4 0:5.14.0-427.37.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-2])\.)|(5\.14\.0-427\.33\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.33\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-2])\.)|(5\.14\.0-427\.33\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.33\.0\.) x86_64 0:7.3.0-427.33.1.el9_4 x86_64 0:5.14.0-427.33.1.el9_4 0:5.14.0-427.33.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-9])\.)|(5\.14\.0-427\.40\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.40\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-2][0-9]|3[0-9])\.)|(5\.14\.0-427\.40\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.40\.0\.) x86_64 0:7.3.0-427.40.1.el9_4 x86_64 0:5.14.0-427.40.1.el9_4 0:5.14.0-427.40.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-3][0-9]|4[0-1])\.)|(5\.14\.0-427\.42\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.42\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|[1-3][0-9]|4[0-1])\.)|(5\.14\.0-427\.42\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.42\.0\.) x86_64 0:7.3.0-427.42.1.el9_4 x86_64 0:5.14.0-427.42.1.el9_4 0:5.14.0-427.42.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-7])\.)|(5\.14\.0-427\.18\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.18\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-7])\.)|(5\.14\.0-427\.18\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.18\.0\.) x86_64 0:7.3.0-427.18.1.el9_4 x86_64 0:5.14.0-427.18.1.el9_4 0:5.14.0-427.18.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9])\.)|(5\.14\.0-427\.20\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.20\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9])\.)|(5\.14\.0-427\.20\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.20\.0\.) x86_64 0:7.3.0-427.20.1.el9_4 x86_64 0:5.14.0-427.20.1.el9_4 0:5.14.0-427.20.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9]|2[0-3])\.)|(5\.14\.0-427\.24\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.24\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9]|2[0-3])\.)|(5\.14\.0-427\.24\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.24\.0\.) x86_64 0:7.3.0-427.24.1.el9_4 x86_64 0:5.14.0-427.24.1.el9_4 0:5.14.0-427.24.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9]|2[0-5])\.)|(5\.14\.0-427\.26\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.26\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9]|2[0-5])\.)|(5\.14\.0-427\.26\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.26\.0\.) x86_64 0:7.3.0-427.26.1.el9_4 x86_64 0:5.14.0-427.26.1.el9_4 0:5.14.0-427.26.1.el9_4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9]|2[0-7])\.)|(5\.14\.0-427\.28\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.28\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-3][0-9]{2}|4[0-1][0-9]|42[0-6])\.)|(5\.14\.0-427\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.([0-9]|1[0-9]|2[0-7])\.)|(5\.14\.0-427\.28\.[^\.]*[a-zA-Z])|(5\.14\.0-427\.28\.0\.) x86_64 0:7.3.0-427.28.1.el9_4 x86_64 0:5.14.0-427.28.1.el9_4 0:5.14.0-427.28.1.el9_4 x86_64 0:4.10.0-76.el9_5.4 x86_64|aarch64 0:4.10.0-76.el9_5.4 0:4.10.0-76.el9_5.4 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|20)\.)|(5\.14\.0-503\.21\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.21\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|20)\.)|(5\.14\.0-503\.21\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.21\.0\.) x86_64|aarch64 0:7.4.0-503.21.1.el9_5 x86_64|aarch64 0:5.14.0-503.21.1.el9_5 aarch64 0:5.14.0-503.21.1.el9_5 0:5.14.0-503.21.1.el9_5 x86_64 0:5.14.0-503.21.1.el9_5 x86_64|aarch64 0:128.6.0-1.el9_5.inferit x86_64|aarch64 1:1.48.10-5.el9_5.inferit 1:1.48.10-5.el9_5.inferit i686|x86_64|aarch64 1:1.48.10-5.el9_5.inferit i686|x86_64|aarch64 0:2.0.15-32.el9_5 x86_64|aarch64 0:4.12.2-1.el9_5.3 0:4.12.2-1.el9_5.3 x86_64|aarch64 0:3.2.3-20.el9_5.1 0:3.2.3-20.el9_5.1 i686|x86_64|aarch64 0:3.9-13.el9_5.1 i686|x86_64|aarch64 0:2.46.5-1.el9_5 x86_64|aarch64 0:128.6.0-3.el9_5.inferit x86_64|aarch64 2:23.11-2.el9_5 2:23.11-2.el9_5 i686|x86_64|aarch64 0:2.1.0-22.el9 0:2.29-3.el9 x86_64|aarch64 0:1.16.2-3.el9_3.5 i686|x86_64|aarch64 0:1.16.2-3.el9_3.5 i686|x86_64 0:9.54.0-16.el9_4 0:9.54.0-16.el9_4 x86_64 0:9.54.0-16.el9_4 x86_64 0:4.12-2.el9_4.1 0:3.9.18-3.el9_4.1 i686|x86_64 0:3.9.18-3.el9_4.1 x86_64 0:115.12.1-1.el9_4.inferit i686|x86_64 0:3.11.7-1.el9_4.1 x86_64|aarch64 0:2.43.5-1.el9_4 0:2.43.5-1.el9_4 i686|x86_64|aarch64 0:2.9.13-6.el9_5.1 x86_64|aarch64 0:2.9.13-6.el9_5.1 x86_64|aarch64 0:11.5.0-5.el9_5.inferit x86_64 0:11.5.0-5.el9_5.inferit i686|x86_64|aarch64 0:11.5.0-5.el9_5.inferit i686|x86_64 0:11.5.0-5.el9_5.inferit i686|x86_64|aarch64 0:13.20-1.el9_5 x86_64|aarch64 0:9.0.1-1.el9_5 x86_64|aarch64 0:9.0.102-1.el9_5 x86_64|aarch64 0:8.0.12-1.el9_5 x86_64|aarch64 0:8.0.112-1.el9_5 x86_64|aarch64 1:21.0.6.0.7-1.el9.inferit i686|x86_64|aarch64 1:1.1.1k-4.el9_0 x86_64|aarch64 0:1.14.1-5.el9_0 1:9.0.50-1.el9 i686|x86_64|aarch64 0:5.4.0-5.el9 i686|x86_64|aarch64 0:3.14.0-13.el9 0:3.14.0-13.el9 i686|x86_64|aarch64 0:1.2.0-11.el9 x86_64|aarch64 0:6.2.17-1.el9_5 i686|x86_64|aarch64 0:6.2.17-1.el9_5 0:6.2.17-1.el9_5 x86_64|aarch64 0:128.7.0-1.el9_5.inferit x86_64|aarch64 0:8.0.30-1.el9_2 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|2[0-1])\.)|(5\.14\.0-503\.22\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.22\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|2[0-1])\.)|(5\.14\.0-503\.22\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.22\.0\.) x86_64|aarch64 0:7.4.0-503.22.1.el9_5 x86_64|aarch64 0:5.14.0-503.22.1.el9_5 aarch64 0:5.14.0-503.22.1.el9_5 0:5.14.0-503.22.1.el9_5 x86_64 0:5.14.0-503.22.1.el9_5 x86_64|aarch64 0:2.4.22-3.el9_3 0:42.2.28-1.el9_3 x86_64|aarch64 0:8.0.36-1.el9_3 i686|x86_64|aarch64 0:1.7.0-12.el9_3 1:0.36.2-8.el9 x86_64|aarch64 0:6.2-10.20210508.el9 0:6.2-10.20210508.el9 i686|x86_64|aarch64 0:6.2-10.20210508.el9 i686|x86_64|aarch64 1:6.2.0-13.el9 i686|x86_64|aarch64 0:1.3.3-13.el9 i686|x86_64|aarch64 1:0.9.72-5.el9 1:0.9.72-5.el9 x86_64|aarch64 0:36.0.1-4.el9 x86_64|aarch64 0:6.1.0-9.el9 i686|x86_64|aarch64 0:0.11.0-7.el9 x86_64|aarch64 0:0.11.0-7.el9 x86_64|aarch64 0:14-2.el9 i686|x86_64|aarch64 0:0.99.9-5.el9 x86_64|aarch64 0:0.99.9-5.el9 i686|x86_64|aarch64 0:0.31.1-65.el9 0:2.14.1-2.el9 x86_64|aarch64 0:3.5.3-4.el9 i686|x86_64|aarch64 0:3.5.3-4.el9 i686|x86_64|aarch64 0:3.16.1-5.el9 0:3.16.1-5.el9 x86_64|aarch64 1:17.0.14.0.7-2.el9.inferit 0:1.1.4-6.el9 x86_64|aarch64 0:115-6.el9_1.inferit i686|x86_64|aarch64 0:4.16.0-8.el9_1 x86_64|aarch64 0:4.16.0-8.el9_1 i686|x86_64|aarch64 0:2.10.4-9.el9 0:6.4.1-9.el9_1 x86_64|aarch64 0:5.2.5-8.el9_0 i686|x86_64|aarch64 0:5.2.5-8.el9_0 x86_64|aarch64 0:3.1.2-4.el9_3 x86_64|aarch64 0:1.9.5p2-10.el9_3 i686|x86_64|aarch64 0:0.23.0-4.el9_3 i686|x86_64|aarch64 0:0.40.0-6.el9_3 x86_64|aarch64 0:7.3.0-13.el9_3 0:7.3.0-13.el9_3 i686|x86_64|aarch64 0:3.34.1-7.el9_3.inferit x86_64|aarch64 2:2.99.8-4.el9_3 i686|x86_64|aarch64 2:2.99.8-4.el9_3 i686|x86_64|aarch64 0:2.48-9.el9_2 aarch64|x86_64 9:20200406-26.el9_2 9:20200406-26.el9_2 x86_64|aarch64 9:20200406-26.el9_2 i686|x86_64|aarch64 9:20200406-26.el9_2 x86_64|aarch64 0:1.3.3-10.el9_2.1 i686|x86_64|aarch64 0:1.3.3-10.el9_2.1 i686|x86_64|aarch64 0:1.9.0-7.el9_2 x86_64|aarch64 0:4.6.5-3.el9 x86_64|aarch64 0:6.2.7-1.el9 i686|x86_64|aarch64 0:6.2.7-1.el9 0:6.2.7-1.el9 i686|x86_64|aarch64 0:2.4.0-7.el9 i686|x86_64|aarch64 0:1.0.10-6.el9.2 x86_64|aarch64 32:9.18.29-1.el9_5.1 i686|x86_64|aarch64 32:9.18.29-1.el9_5.1 32:9.18.29-1.el9_5.1 i686|x86_64|aarch64 0:2.72.0-8.el9_5.3 x86_64|aarch64 0:2020.3-8.el9_5.1 i686|x86_64|aarch64 0:2020.3-8.el9_5.1 0:2.78.6-2.el9 0:2.11.3-7.el9_5 x86_64|aarch64 0:3.4.1-4.el9_5 x86_64|aarch64 2:1.37.6-1.el9_5 x86_64|aarch64 0:1.0.8-10.el9_5 i686|x86_64|aarch64 0:1.0.8-10.el9_5 x86_64|aarch64 4:5.2.2-13.el9_5 4:5.2.2-13.el9_5 x86_64|aarch64 0:26.4.20-1.el9_5 x86_64|aarch64 3:10.5.27-1.el9_5 x86_64|aarch64 0:2.2.8-4.el9_5 x86_64|aarch64 0:14.2.1-1.3.el9_5 i686|x86_64|aarch64 0:14.2.1-1.3.el9_5 i686|x86_64 0:14.2.1-1.3.el9_5 x86_64 0:14.2.1-1.3.el9_5 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|2[0-2])\.)|(5\.14\.0-503\.23\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.23\.[0-1]\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|2[0-2])\.)|(5\.14\.0-503\.23\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.23\.[0-1]\.) x86_64|aarch64 0:7.4.0-503.23.2.el9_5 x86_64|aarch64 0:5.14.0-503.23.2.el9_5 aarch64 0:5.14.0-503.23.2.el9_5 0:5.14.0-503.23.2.el9_5 x86_64 0:5.14.0-503.23.2.el9_5 x86_64|aarch64 1:3.2.2-6.el9_5.1 i686|x86_64|aarch64 1:3.2.2-6.el9_5.1 x86_64|aarch64 0:13.3.1-2.2.el9_5 i686|x86_64|aarch64 0:13.3.1-2.2.el9_5 i686|x86_64 0:13.3.1-2.2.el9_5 x86_64 0:13.3.1-2.2.el9_5 x86_64|aarch64 1:1.9.1-12.el9_5 x86_64|aarch64 0:13.20-1.el9_5 0:13.20-1.el9_5 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|2[0-5])\.)|(5\.14\.0-503\.26\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.26\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-9]|2[0-5])\.)|(5\.14\.0-503\.26\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.26\.0\.) x86_64|aarch64 0:7.4.0-503.26.1.el9_5 x86_64|aarch64 0:5.14.0-503.26.1.el9_5 aarch64 0:5.14.0-503.26.1.el9_5 0:5.14.0-503.26.1.el9_5 x86_64 0:5.14.0-503.26.1.el9_5 x86_64|aarch64 1:27.2-11.el9_5.1.inferit 1:27.2-11.el9_5.1.inferit x86_64|aarch64 0:8.0.41-2.el9_5 x86_64|aarch64 32:9.16.23-24.el9_5.3 i686|x86_64|aarch64 32:9.16.23-24.el9_5.3 32:9.16.23-24.el9_5.3 i686|x86_64|aarch64 0:2.46.6-1.el9_5 x86_64|aarch64 0:128.8.0-1.el9_5.inferit x86_64|aarch64 0:1.14.1-1.el9_5.1 0:1.14.1-1.el9_5.1 x86_64|aarch64 0:0.11.8-1.el9_5.2 i686|x86_64|aarch64 0:2.46.6-2.el9_5 1:2.06-94.el9_5.inferit aarch64 1:2.06-94.el9_5.inferit x86_64 1:2.06-94.el9_5.inferit x86_64|aarch64 1:2.06-94.el9_5.inferit x86_64|aarch64 0:128.8.0-2.el9_5.inferit ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|10)\.)|(5\.14\.0-503\.11\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.11\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|10)\.)|(5\.14\.0-503\.11\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.11\.0\.) x86_64|aarch64 0:7.4.0-503.11.1.el9_5 x86_64|aarch64 0:5.14.0-503.11.1.el9_5 aarch64 0:5.14.0-503.11.1.el9_5 0:5.14.0-503.11.1.el9_5 x86_64 0:5.14.0-503.11.1.el9_5 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|30)\.)|(5\.14\.0-503\.31\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.31\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|30)\.)|(5\.14\.0-503\.31\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.31\.0\.) x86_64|aarch64 0:7.4.0-503.31.1.el9_5 x86_64|aarch64 0:5.14.0-503.31.1.el9_5 aarch64 0:5.14.0-503.31.1.el9_5 0:5.14.0-503.31.1.el9_5 x86_64 0:5.14.0-503.31.1.el9_5 x86_64|aarch64 0:8.0.14-1.el9_5 x86_64|aarch64 0:8.0.114-1.el9_5 x86_64|aarch64 0:9.0.3-1.el9_5 x86_64|aarch64 0:9.0.104-1.el9_5 i686|x86_64|aarch64 0:2.9.13-6.el9_5.2 x86_64|aarch64 0:2.9.13-6.el9_5.2 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-7])\.)|(5\.14\.0-503\.38\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.38\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-7])\.)|(5\.14\.0-503\.38\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.38\.0\.) x86_64|aarch64 0:7.4.0-503.38.1.el9_5 x86_64|aarch64 0:5.14.0-503.38.1.el9_5 aarch64 0:5.14.0-503.38.1.el9_5 0:5.14.0-503.38.1.el9_5 x86_64 0:5.14.0-503.38.1.el9_5 x86_64|aarch64 6:0.8.5-1.el9_5 x86_64|aarch64 2:2.99.8-4.el9_5 i686|x86_64|aarch64 2:2.99.8-4.el9_5 x86_64|aarch64 0:0.107.0-10.el9_5 1:7.1.8.1-15.el9_5.inferit x86_64 1:7.1.8.1-15.el9_5.inferit x86_64|aarch64 1:7.1.8.1-15.el9_5.inferit aarch64|x86_64 1:7.1.8.1-15.el9_5.inferit 0:2.11.3-8.el9_5 i686|x86_64|aarch64 0:2.10.4-10.el9_5 i686|x86_64|aarch64 0:2.5.0-3.el9_5.3 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-4])\.)|(5\.14\.0-503\.35\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.35\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-4])\.)|(5\.14\.0-503\.35\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.35\.0\.) x86_64|aarch64 0:7.4.0-503.35.1.el9_5 x86_64|aarch64 0:5.14.0-503.35.1.el9_5 aarch64 0:5.14.0-503.35.1.el9_5 0:5.14.0-503.35.1.el9_5 x86_64 0:5.14.0-503.35.1.el9_5 x86_64|aarch64 0:128.9.0-2.el9_5.inferit i686|x86_64|aarch64 0:3.11.9-7.el9_5.3 1:9.0.87-2.el9_5.1 i686|x86_64|aarch64 0:3.12.5-2.el9_5.3 i686|x86_64|aarch64 0:2.48.1-1.el9_5 x86_64|aarch64 0:1.24.1-2.el9_5 x86_64|aarch64 0:1.23.6-2.el9_5 0:1.23.6-2.el9_5 4:20240910-1.20250211.1.el9_5 i686|x86_64|aarch64 0:1.1.34-9.el9_5.1 x86_64 0:4.10.0-76.el9_5.6 x86_64|aarch64 0:4.10.0-76.el9_5.6 0:4.10.0-76.el9_5.6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-3])\.)|(5\.14\.0-503\.34\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.34\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-3])\.)|(5\.14\.0-503\.34\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.34\.0\.) x86_64|aarch64 0:7.4.0-503.34.1.el9_5 x86_64|aarch64 0:5.14.0-503.34.1.el9_5 aarch64 0:5.14.0-503.34.1.el9_5 0:5.14.0-503.34.1.el9_5 x86_64 0:5.14.0-503.34.1.el9_5 x86_64|aarch64 0:10.2.6-9.el9_5 x86_64|aarch64 4:5.2.2-15.el9_5 4:5.2.2-15.el9_5 x86_64|aarch64 0:0.107.0-8.el9_5 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-9])\.)|(5\.14\.0-503\.40\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.40\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|[1-2][0-9]|3[0-9])\.)|(5\.14\.0-503\.40\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.40\.0\.) x86_64|aarch64 0:7.4.0-503.40.1.el9_5 x86_64|aarch64 0:5.14.0-503.40.1.el9_5 aarch64 0:5.14.0-503.40.1.el9_5 0:5.14.0-503.40.1.el9_5 x86_64 0:5.14.0-503.40.1.el9_5 x86_64|aarch64 0:128.9.2-1.el9_5.inferit i686|x86_64|aarch64 0:2.34-125.el9_5.8 x86_64|aarch64 0:2.34-125.el9_5.8 0:2.34-125.el9_5.8 x86_64 0:2.34-125.el9_5.8 aarch64|x86_64 0:2.34-125.el9_5.8 x86_64|aarch64|i686 0:2.34-125.el9_5.8 i686|aarch64|x86_64 0:2.34-125.el9_5.8 i686|x86_64|aarch64 0:1.1.34-9.el9_5.2 x86_64|aarch64 1:21.0.7.0.6-1.el9.inferit x86_64|aarch64 1:17.0.15.0.6-2.el9.inferit x86_64|aarch64 1:1.8.0.452.b09-2.el9.inferit 1:1.8.0.452.b09-2.el9.inferit x86_64|aarch64 0:2.5.2-9.el9_5 0:2.5.2-9.el9_5 x86_64|aarch64 17:9.0.0-10.el9_5.3.inferit x86_64 17:9.0.0-10.el9_5.3.inferit i686|x86_64|aarch64 0:3.0.7-165.el9_5 0:3.0.7-165.el9_5 x86_64|aarch64 0:3.0.0-165.el9_5 0:2.2.33-165.el9_5 x86_64|aarch64 0:0.5.7-165.el9_5 0:1.3.5-165.el9_5 x86_64|aarch64 0:2.5.1-165.el9_5 0:5.14.2-165.el9_5 0:1.2.1-165.el9_5 x86_64|aarch64 0:3.3.2-165.el9_5 0:13.0.3-165.el9_5 0:1.4.0-165.el9_5 0:6.3.4.1-165.el9_5 0:3.2.5-165.el9_5 0:0.2.9-165.el9_5 0:3.3.7-165.el9_5 0:0.15.2-165.el9_5 0:3.2.33-165.el9_5 x86_64|aarch64 0:118.2-1.el9_5.inferit x86_64|aarch64 0:128.10.0-1.el9_5.inferit x86_64|aarch64 1:27.2-11.el9_5.2.inferit 1:27.2-11.el9_5.2.inferit x86_64|aarch64 2:1.20.1-22.el9_6.2.inferit 2:1.20.1-22.el9_6.2.inferit x86_64|aarch64 2:1.18.1-1.el9_6 x86_64|aarch64 0:1.20.11-28.el9_6 i686|x86_64|aarch64 0:1.20.11-28.el9_6 0:1.20.11-28.el9_6 i686|x86_64|aarch64 0:3.14.0-16.el9 0:3.14.0-16.el9 0:1.1.3-13.el9_6 x86_64|aarch64 2:40.3-2.el9_6.1 i686|x86_64|aarch64 2:40.3-2.el9_6.1 x86_64|aarch64 0:128.10.0-1.el9_6.inferit x86_64|aarch64 0:366-10.el9_6 x86_64|aarch64 0:132.2-1.el9_6.inferit i686|x86_64|aarch64 0:2.5.0-5.el9_6 x86_64|aarch64 2:8.2.2637-22.el9_6 2:8.2.2637-22.el9_6 i686|x86_64|aarch64 0:0.8-22.el9_6 x86_64|aarch64 0:0.8-22.el9_6 x86_64|aarch64 0:9.0.5-1.el9_6 x86_64|aarch64 0:9.0.106-1.el9_6 0:2.25.1-9.el9 4:20250211-1.el9_6 x86_64|aarch64 0:6.2.18-1.el9_6 i686|x86_64|aarch64 0:6.2.18-1.el9_6 0:6.2.18-1.el9_6 x86_64|aarch64 0:8.7p1-45.el9 x86_64|aarch64 0:0.10.4-5.45.el9 i686|x86_64|aarch64 0:2.72.0-10.el9_6.1 x86_64|aarch64 0:8.0.16-1.el9_6 x86_64|aarch64 0:8.0.116-1.el9_6 i686|x86_64|aarch64 0:1.21.1-6.el9 x86_64|aarch64 0:1.21.1-6.el9 x86_64|aarch64 0:1.2.2-1.el9 x86_64|aarch64 0:3.2.5-3.el9 0:3.2.5-3.el9 x86_64|aarch64 0:8.0.30-3.el9_6 x86_64|aarch64 0:10.2.6-11.el9_6 i686|x86_64|aarch64 0:9.54.0-18.el9_6 0:9.54.0-18.el9_6 x86_64|aarch64 0:9.54.0-18.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-5])\.)|(5\.14\.0-570\.16\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.16\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-5])\.)|(5\.14\.0-570\.16\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.16\.0\.) x86_64|aarch64 0:5.14.0-570.16.1.el9_6 aarch64 0:5.14.0-570.16.1.el9_6 0:5.14.0-570.16.1.el9_6 x86_64 0:5.14.0-570.16.1.el9_6 x86_64|aarch64 0:2.47.1-2.el9_6 0:2.47.1-2.el9_6 x86_64|aarch64 2:2.99.8-4.el9_6 i686|x86_64|aarch64 2:2.99.8-4.el9_6 x86_64|aarch64 0:2.4.10-1.el9_6.1 i686|x86_64|aarch64 0:1.1.34-13.el9_6 x86_64|aarch64 6:0.8.5-1.el9_6 0:1.30-6.el9 x86_64|aarch64 2:1.39.4-1.el9_6 x86_64|aarch64 0:3.1.9-2.el9_6 i686|x86_64|aarch64 0:3.1.9-2.el9_6 x86_64|aarch64 0:0.2.2-2.el9 x86_64|aarch64 0:3.6.1-1.el9 x86_64|aarch64 0:41.0.7-2.el9 i686|x86_64|aarch64 0:23.2.7-3.el9_6 x86_64|aarch64 2:1.14.0-1.el9 i686|x86_64|aarch64 0:3.8.3-6.el9.inferit x86_64|aarch64 0:3.8.3-6.el9.inferit x86_64|aarch64 0:10.2.6-13.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-6])\.)|(5\.14\.0-570\.17\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.17\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-6])\.)|(5\.14\.0-570\.17\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.17\.0\.) x86_64|aarch64 0:5.14.0-570.17.1.el9_6 aarch64 0:5.14.0-570.17.1.el9_6 0:5.14.0-570.17.1.el9_6 x86_64 0:5.14.0-570.17.1.el9_6 i686|x86_64|aarch64 1:1.1.1k-5.el9_6.1 x86_64|aarch64 0:128.10.1-1.el9_6.inferit i686|x86_64|aarch64 0:2.48.2-1.el9_6 1:2.06-104.el9_6.inferit.1 aarch64 1:2.06-104.el9_6.inferit.1 x86_64 1:2.06-104.el9_6.inferit.1 x86_64|aarch64 1:2.06-104.el9_6.inferit.1 i686|x86_64|aarch64 0:3.12.9-1.el9 x86_64|aarch64 0:1.1.6-3.el9_6 x86_64|aarch64 0:8.0.30-2.el9 i686|x86_64|aarch64 0:1.22.12-4.el9 x86_64|aarch64 0:1.22.12-4.el9 i686|x86_64|aarch64 0:2.4.0-8.el9 x86_64|aarch64 0:2025.5-1.el9 i686|x86_64|aarch64 0:2025.5-1.el9 x86_64|aarch64 0:132-1.el9.inferit i686|x86_64|aarch64 0:3.11.11-2.el9 x86_64|aarch64 0:0.11.9-2.el9 i686|x86_64|aarch64 0:4.16.0-9.el9 x86_64|aarch64 0:4.16.0-9.el9 i686|x86_64|aarch64 0:9.54.0-19.el9_6 0:9.54.0-19.el9_6 x86_64|aarch64 0:9.54.0-19.el9_6 x86_64|aarch64 0:2.6.1-8.el9_6 0:2.6.1-8.el9_6 x86_64|aarch64 5:5.4.0-9.el9_6 5:5.4.0-9.el9_6 i686|x86_64|aarch64 0:2.48.1-1.el9_6 x86_64|aarch64 2:1.20.1-22.el9.inferit 2:1.20.1-22.el9.inferit i686|x86_64|aarch64 0:1.22.12-3.el9 x86_64|aarch64 0:0.2.27-3.el9 0:3.9.21-2.el9 i686|x86_64|aarch64 0:3.9.21-2.el9 i686|x86_64|aarch64 0:1.5.1-22.el9_5 x86_64|aarch64 0:1.5.1-22.el9_5 i686|x86_64|aarch64 0:3.11.9-7.el9_5.2 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-8])\.)|(5\.14\.0-503\.19\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.19\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-8])\.)|(5\.14\.0-503\.19\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.19\.0\.) x86_64|aarch64 0:7.4.0-503.19.1.el9_5 x86_64|aarch64 0:5.14.0-503.19.1.el9_5 aarch64 0:5.14.0-503.19.1.el9_5 0:5.14.0-503.19.1.el9_5 x86_64 0:5.14.0-503.19.1.el9_5 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-5])\.)|(5\.14\.0-503\.16\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.16\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-5])\.)|(5\.14\.0-503\.16\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.16\.0\.) x86_64|aarch64 0:7.4.0-503.16.1.el9_5 x86_64|aarch64 0:5.14.0-503.16.1.el9_5 aarch64 0:5.14.0-503.16.1.el9_5 0:5.14.0-503.16.1.el9_5 x86_64 0:5.14.0-503.16.1.el9_5 x86_64|aarch64 0:1.32.9-1.el9_5 i686|x86_64|aarch64 0:1.32.9-1.el9_5 0:20240524-6.el9_5.3.inferit x86_64|aarch64 0:20240524-6.el9_5.3.inferit 0:1.26.12-2.el9_5.2 i686|x86_64|aarch64 0:1.22.1-3.el9_5 x86_64|aarch64 0:1.22.1-3.el9_5 0:3.9.21-1.el9_5 i686|x86_64|aarch64 0:3.9.21-1.el9_5 i686|x86_64|aarch64 0:3.12.5-2.el9_5.2 i686|x86_64|aarch64 0:3.0.7-163.el9_5 0:3.0.7-163.el9_5 x86_64|aarch64 0:3.0.0-163.el9_5 0:2.2.33-163.el9_5 x86_64|aarch64 0:0.5.7-163.el9_5 0:1.3.5-163.el9_5 x86_64|aarch64 0:2.5.1-163.el9_5 0:5.14.2-163.el9_5 0:1.2.1-163.el9_5 x86_64|aarch64 0:3.3.2-163.el9_5 0:13.0.3-163.el9_5 0:1.4.0-163.el9_5 0:6.3.4.1-163.el9_5 0:3.2.5-163.el9_5 0:0.2.9-163.el9_5 0:3.3.7-163.el9_5 0:0.15.2-163.el9_5 0:3.2.33-163.el9_5 x86_64|aarch64 0:1.14.1-1.el9_5 0:1.14.1-1.el9_5 0:1.7044-14.1.el9_5 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-4])\.)|(5\.14\.0-503\.15\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.15\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|50[0-2])\.)|(5\.14\.0-503\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.([0-9]|1[0-4])\.)|(5\.14\.0-503\.15\.[^\.]*[a-zA-Z])|(5\.14\.0-503\.15\.0\.) x86_64|aarch64 0:7.4.0-503.15.1.el9_5 x86_64|aarch64 0:5.14.0-503.15.1.el9_5 aarch64 0:5.14.0-503.15.1.el9_5 0:5.14.0-503.15.1.el9_5 x86_64 0:5.14.0-503.15.1.el9_5 0:2.24.0-2.el9_5 i686|x86_64|aarch64 0:2.46.3-2.el9_5 x86_64|aarch64 0:128.5.0-1.el9_5.inferit x86_64|aarch64 0:13.18-1.el9_5 0:13.18-1.el9_5 x86_64|aarch64 0:128.5.1-1.el9_5.inferit x86_64|aarch64 1:1.6.2-2.el9_6 x86_64|aarch64 2:1.39.4-2.el9_6 x86_64|aarch64 6:0.8.5-2.el9_6 x86_64|aarch64 2:2.99.8-4.el9_6.2 i686|x86_64|aarch64 2:2.99.8-4.el9_6.2 x86_64|aarch64 0:4.12.2-14.el9_6.1 0:4.12.2-14.el9_6.1 x86_64|aarch64 5:5.4.0-10.el9_6 5:5.4.0-10.el9_6 x86_64|aarch64 2:1.18.1-2.el9_6 x86_64|aarch64 0:1.23.9-1.el9_6 0:1.23.9-1.el9_6 x86_64|aarch64 0:128.11.0-1.el9_6.inferit i686|x86_64|aarch64 0:2.72.0-10.el9_6.2 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-7])\.)|(5\.14\.0-570\.18\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.18\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-7])\.)|(5\.14\.0-570\.18\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.18\.0\.) x86_64|aarch64 0:5.14.0-570.18.1.el9_6 aarch64 0:5.14.0-570.18.1.el9_6 0:5.14.0-570.18.1.el9_6 x86_64 0:5.14.0-570.18.1.el9_6 x86_64|aarch64 0:0.11.9-2.el9_6.1 x86_64|aarch64 0:6.4.2-2.el9_6.2 i686|x86_64|aarch64 0:1.22.12-4.el9_6 x86_64|aarch64 0:1.3.22-1.el9_5.2 x86_64|aarch64 0:1.16.2-18.el9_6 i686|x86_64|aarch64 0:1.16.2-18.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-8])\.)|(5\.14\.0-570\.19\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.19\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-8])\.)|(5\.14\.0-570\.19\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.19\.0\.) x86_64|aarch64 0:5.14.0-570.19.1.el9_6 aarch64 0:5.14.0-570.19.1.el9_6 0:5.14.0-570.19.1.el9_6 x86_64 0:5.14.0-570.19.1.el9_6 i686|x86_64|aarch64 0:6.6.2-6.el9_6.1 x86_64|aarch64 0:6.6.2-6.el9_6.1 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|20)\.)|(5\.14\.0-570\.21\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.21\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|20)\.)|(5\.14\.0-570\.21\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.21\.0\.) x86_64|aarch64 0:5.14.0-570.21.1.el9_6 aarch64 0:5.14.0-570.21.1.el9_6 0:5.14.0-570.21.1.el9_6 x86_64 0:5.14.0-570.21.1.el9_6 x86_64|aarch64 1:0.79-8.1.el9_6 x86_64|aarch64 0:10.2.6-14.el9_6 i686|x86_64|aarch64 0:2.34-168.el9_6.19 x86_64|aarch64 0:2.34-168.el9_6.19 0:2.34-168.el9_6.19 x86_64 0:2.34-168.el9_6.19 x86_64|aarch64 0:5.1.1-11.el9_6 i686|x86_64|aarch64 0:1.9.0-9.el9_6 x86_64|aarch64 0:9.0.6-1.el9_6 x86_64|aarch64 0:9.0.107-1.el9_6 x86_64|aarch64 0:8.0.17-1.el9_6 x86_64|aarch64 0:8.0.117-1.el9_6 x86_64|aarch64 0:2.9.6-2.el9_6 0:1.9.4-10.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-1])\.)|(5\.14\.0-570\.22\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.22\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-1])\.)|(5\.14\.0-570\.22\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.22\.0\.) x86_64|aarch64 0:5.14.0-570.22.1.el9_6 aarch64 0:5.14.0-570.22.1.el9_6 0:5.14.0-570.22.1.el9_6 x86_64 0:5.14.0-570.22.1.el9_6 x86_64|aarch64 0:3.6.1-2.el9_6 i686|x86_64|aarch64 0:5.15.9-11.el9_6 0:5.15.9-11.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-3])\.)|(5\.14\.0-570\.24\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.24\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-3])\.)|(5\.14\.0-570\.24\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.24\.0\.) x86_64|aarch64 0:5.14.0-570.24.1.el9_6 aarch64 0:5.14.0-570.24.1.el9_6 0:5.14.0-570.24.1.el9_6 x86_64 0:5.14.0-570.24.1.el9_6 x86_64|aarch64 0:35.12-4.el9_6 x86_64|aarch64 0:132.2-2.el9_6.inferit i686|x86_64|aarch64 0:1.5.1-25.el9_6 x86_64|aarch64 0:1.5.1-25.el9_6 x86_64|aarch64 1:27.2-14.el9_6.2.inferit 1:27.2-14.el9_6.2.inferit x86_64|aarch64 0:1.3.22-1.el9_6.1 x86_64|aarch64 0:3.5.3-5.el9_6 i686|x86_64|aarch64 0:3.5.3-5.el9_6 i686|x86_64|aarch64 0:1.21.1-8.el9_6 x86_64|aarch64 0:1.21.1-8.el9_6 x86_64|aarch64 0:2.4.10-1.el9_6.2 i686|x86_64|aarch64 0:2.28-14.el9_6 x86_64|aarch64 0:2.28-14.el9_6 \nstream\s*=\s*22\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*22\b x86_64|aarch64 1:22.16.0-1.module+el9.6.0+659+03cc2203 1:22.16.0-1.module+el9.6.0+659+03cc2203 0:3.0.1-1.module+el9.5.0+561+6f1934e4 0:2021.06-4.module+el9.5.0+561+6f1934e4 x86_64|aarch64 1:10.9.2-1.22.16.0.1.module+el9.6.0+659+03cc2203 x86_64|aarch64 3:12.4.254.21-1.22.16.0.1.module+el9.6.0+659+03cc2203 x86_64|aarch64 1:22.15.0-1.module+el9.6.0+638+069c87f8 1:22.15.0-1.module+el9.6.0+638+069c87f8 x86_64|aarch64 1:10.9.2-1.22.15.0.1.module+el9.6.0+638+069c87f8 x86_64|aarch64 3:12.4.254.21-1.22.15.0.1.module+el9.6.0+638+069c87f8 \nstream\s*=\s*7\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*7\b x86_64|aarch64 0:7.2.8-1.module+el9.6.0+642+3687afe8 0:7.2.8-1.module+el9.6.0+642+3687afe8 x86_64|aarch64 1:20.19.1-1.module+el9.6.0+637+9c462111 1:20.19.1-1.module+el9.6.0+637+9c462111 0:3.0.1-1.module+el9.5.0+512+c880e519 0:2021.06-4.module+el9.5.0+512+c880e519 x86_64|aarch64 1:10.8.2-1.20.19.1.1.module+el9.6.0+637+9c462111 \nstream\s*=\s*8.2\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*8.2\b 0:5.1.23-1.module+el9.5.0+558+029a2bd0 x86_64|aarch64 0:8.2.28-1.module+el9.6.0+639+86f56657 x86_64|aarch64 0:5.1.23-1.module+el9.5.0+558+029a2bd0 x86_64|aarch64 0:2.0.3-4.module+el9.5.0+558+029a2bd0 x86_64|aarch64 0:3.2.2-2.module+el9.5.0+558+029a2bd0 x86_64|aarch64 0:1.22.3-1.module+el9.5.0+558+029a2bd0 \nstream\s*=\s*8.3\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*8.3\b 0:5.1.23-1.module+el9.6.0+640+34ed67ea x86_64|aarch64 0:8.3.19-1.module+el9.6.0+640+34ed67ea x86_64|aarch64 0:5.1.23-1.module+el9.6.0+640+34ed67ea x86_64|aarch64 0:6.1.0-2.module+el9.6.0+640+34ed67ea x86_64|aarch64 0:2.0.3-4.module+el9.6.0+640+34ed67ea x86_64|aarch64 0:3.3.1-1.module+el9.6.0+640+34ed67ea x86_64|aarch64 0:1.22.3-1.module+el9.6.0+640+34ed67ea x86_64|aarch64 1:20.19.2-1.module+el9.6.0+658+5d530aee 1:20.19.2-1.module+el9.6.0+658+5d530aee x86_64|aarch64 1:10.8.2-1.20.19.2.1.module+el9.6.0+658+5d530aee x86_64|aarch64 0:1.4.8-2.module+el9.5.0+543+6105bb3d x86_64|aarch64 0:1.7.0-1.module+el9.5.0+543+6105bb3d x86_64|aarch64 0:1.9.7-1.Final.module+el9.5.0+543+6105bb3d x86_64|aarch64 0:15.10-1.module+el9.5.0+543+6105bb3d 0:15.10-1.module+el9.5.0+543+6105bb3d x86_64|aarch64 1:22.13.1-1.module+el9.5.0+596+7a782450 1:22.13.1-1.module+el9.5.0+596+7a782450 x86_64|aarch64 1:10.9.2-1.22.13.1.1.module+el9.5.0+596+7a782450 x86_64|aarch64 3:12.4.254.21-1.22.13.1.1.module+el9.5.0+596+7a782450 i686|x86_64|aarch64 0:3.3.8-4.module+el9.5.0+633+b47f7e1a 0:3.3.8-4.module+el9.5.0+633+b47f7e1a i686|x86_64|aarch64 0:3.1.5-4.module+el9.5.0+633+b47f7e1a 0:2.5.22-4.module+el9.5.0+633+b47f7e1a i686|x86_64|aarch64 0:0.7.1-4.module+el9.5.0+633+b47f7e1a 0:1.13.1-4.module+el9.5.0+633+b47f7e1a i686|x86_64|aarch64 0:2.7.2-4.module+el9.5.0+633+b47f7e1a 0:5.20.0-4.module+el9.5.0+633+b47f7e1a x86_64|aarch64 0:0.5.5-1.module+el9.5.0+510+0a85c942 0:0.5.5-1.module+el9.5.0+510+0a85c942 x86_64|aarch64 0:1.5.4-1.module+el9.5.0+510+0a85c942 0:1.5.4-1.module+el9.5.0+510+0a85c942 0:2.0.3-4.module+el9.5.0+633+b47f7e1a i686|x86_64|aarch64 0:5.1.2-4.module+el9.5.0+633+b47f7e1a i686|x86_64|aarch64 0:1.7.3-4.module+el9.5.0+633+b47f7e1a 0:13.1.0-4.module+el9.5.0+633+b47f7e1a i686|x86_64|aarch64 0:3.4.0-4.module+el9.5.0+633+b47f7e1a 0:6.6.3.1-4.module+el9.5.0+633+b47f7e1a 0:3.3.9-4.module+el9.5.0+633+b47f7e1a 0:0.3.1-4.module+el9.5.0+633+b47f7e1a 0:3.6.1-4.module+el9.5.0+633+b47f7e1a 0:0.21.9-4.module+el9.5.0+633+b47f7e1a 0:3.5.22-4.module+el9.5.0+633+b47f7e1a i686|x86_64|aarch64 0:3.1.7-146.module+el9.5.0+634+69d8e181 0:3.1.7-146.module+el9.5.0+634+69d8e181 i686|x86_64|aarch64 0:3.1.1-146.module+el9.5.0+634+69d8e181 0:2.3.27-146.module+el9.5.0+634+69d8e181 i686|x86_64|aarch64 0:0.5.11-146.module+el9.5.0+634+69d8e181 0:1.4.1-146.module+el9.5.0+634+69d8e181 i686|x86_64|aarch64 0:2.6.1-146.module+el9.5.0+634+69d8e181 0:5.15.0-146.module+el9.5.0+634+69d8e181 x86_64|aarch64 0:0.5.4-1.module+el9.5.0+515+d7e25d1b 0:0.5.4-1.module+el9.5.0+515+d7e25d1b x86_64|aarch64 0:1.3.5-1.module+el9.5.0+515+d7e25d1b 0:1.3.5-1.module+el9.5.0+515+d7e25d1b 0:2.0.1-146.module+el9.5.0+634+69d8e181 i686|x86_64|aarch64 0:4.0.4-146.module+el9.5.0+634+69d8e181 0:13.0.6-146.module+el9.5.0+634+69d8e181 i686|x86_64|aarch64 0:2.7.0-146.module+el9.5.0+634+69d8e181 0:6.4.1.1-146.module+el9.5.0+634+69d8e181 0:3.3.9-146.module+el9.5.0+634+69d8e181 0:0.3.1-146.module+el9.5.0+634+69d8e181 0:3.5.3-146.module+el9.5.0+634+69d8e181 0:0.21.3-146.module+el9.5.0+634+69d8e181 0:3.3.27-146.module+el9.5.0+634+69d8e181 \nstream\s*=\s*1.24\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*1.24\b x86_64|aarch64 1:1.24.0-4.module+el9.5.0+610+c602f816.1 1:1.24.0-4.module+el9.5.0+610+c602f816.1 \nstream\s*=\s*1.22\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*1.22\b x86_64|aarch64 1:1.22.1-8.module+el9.5.0+609+bafeb453.1 1:1.22.1-8.module+el9.5.0+609+bafeb453.1 \nstream\s*=\s*10.11\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*10.11\b x86_64|aarch64 0:26.4.20-1.module+el9.5.0+588+72048be3 x86_64|aarch64 3:10.11.10-1.module+el9.5.0+588+72048be3 x86_64|aarch64 1:18.20.6-1.module+el9.5.0+591+44e373fd 1:18.20.6-1.module+el9.5.0+591+44e373fd 0:3.0.1-1.module+el9.5.0+495+b116ef82 0:2021.06-4.module+el9.5.0+495+b116ef82 x86_64|aarch64 1:10.8.2-1.18.20.6.1.module+el9.5.0+591+44e373fd x86_64|aarch64 1:20.18.2-1.module+el9.5.0+590+6735c4c0 1:20.18.2-1.module+el9.5.0+590+6735c4c0 x86_64|aarch64 1:10.8.2-1.20.18.2.1.module+el9.5.0+590+6735c4c0 \nstream\s*=\s*8.1\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*8.1\b 0:5.1.21-1.module+el9.5.0+506+1dda6d48 x86_64|aarch64 0:8.1.32-1.module+el9.5.0+630+4c1a37f4 x86_64|aarch64 0:5.1.21-1.module+el9.5.0+506+1dda6d48 x86_64|aarch64 0:2.0.3-4.module+el9.5.0+506+1dda6d48 x86_64|aarch64 0:3.1.4-1.module+el9.5.0+506+1dda6d48 x86_64|aarch64 0:1.20.1-1.module+el9.5.0+506+1dda6d48 x86_64|aarch64 0:1.5.1-1.module+el9.5.0+544+1f6a3061 x86_64|aarch64 0:16.0-1.module+el9.5.0+503+79cc7b27 x86_64|aarch64 0:0.6.2-1.module+el9.5.0+534+49e586b3 x86_64|aarch64 0:2.4.0-1.Final.module+el9.5.0+503+79cc7b27 x86_64|aarch64 0:16.8-1.module+el9.5.0+602+5443b709 0:16.8-1.module+el9.5.0+602+5443b709 x86_64|aarch64 0:8.1.30-1.module+el9.5.0+557+0c1d81a6 x86_64|aarch64 0:8.2.25-1.module+el9.5.0+558+029a2bd0 i686|x86_64|aarch64 0:3.1.5-145.module+el9.5.0+560+af78f1b8 0:3.1.5-145.module+el9.5.0+560+af78f1b8 i686|x86_64|aarch64 0:3.1.1-145.module+el9.5.0+560+af78f1b8 0:2.3.27-145.module+el9.5.0+560+af78f1b8 i686|x86_64|aarch64 0:0.5.11-145.module+el9.5.0+560+af78f1b8 0:1.4.1-145.module+el9.5.0+560+af78f1b8 i686|x86_64|aarch64 0:2.6.1-145.module+el9.5.0+560+af78f1b8 0:5.15.0-145.module+el9.5.0+560+af78f1b8 0:2.0.1-145.module+el9.5.0+560+af78f1b8 i686|x86_64|aarch64 0:4.0.4-145.module+el9.5.0+560+af78f1b8 0:13.0.6-145.module+el9.5.0+560+af78f1b8 i686|x86_64|aarch64 0:2.7.0-145.module+el9.5.0+560+af78f1b8 0:6.4.1.1-145.module+el9.5.0+560+af78f1b8 0:3.2.5-145.module+el9.5.0+560+af78f1b8 0:0.2.9-145.module+el9.5.0+560+af78f1b8 0:3.5.3-145.module+el9.5.0+560+af78f1b8 0:0.21.3-145.module+el9.5.0+560+af78f1b8 0:3.3.27-145.module+el9.5.0+560+af78f1b8 x86_64|aarch64 0:7.2.6-1.module+el9.5.0+559+7a24c259 0:7.2.6-1.module+el9.5.0+559+7a24c259 x86_64|aarch64 0:16.6-1.module+el9.5.0+544+1f6a3061 0:16.6-1.module+el9.5.0+544+1f6a3061 x86_64|aarch64 0:15.12-1.module+el9.5.0+603+a947c8aa 0:15.12-1.module+el9.5.0+603+a947c8aa x86_64|aarch64 0:6.4.2-1.el9_5 x86_64|aarch64 1:1.5.1-3.el9_5 x86_64|aarch64 0:1.16.2-8.el9_5.1 i686|x86_64|aarch64 0:1.16.2-8.el9_5.1 i686|x86_64|aarch64 0:1.0.31-8.el9_5.2 x86_64|aarch64 0:1.0.31-8.el9_5.2 x86_64|aarch64 2:1.16.1-2.el9_5 x86_64 0:1.21.13-3.el9_4 0:1.21.13-3.el9_4 x86_64 0:9.2.10-17.el9_4 x86_64|aarch64 0:1.24.4-1.el9_6 0:1.24.4-1.el9_6 x86_64|aarch64 0:40.0-11.el9_6 0:0.34-19.1.el9_6 i686|x86_64|aarch64 0:2.34-168.el9_6.20 x86_64|aarch64 0:2.34-168.el9_6.20 0:2.34-168.el9_6.20 x86_64 0:2.34-168.el9_6.20 x86_64|aarch64 0:20210202-11.el9_6.1 x86_64|aarch64 1:0.82-6.1.el9_6 x86_64|aarch64 0:1.14.1-8.el9_6 0:1.14.1-8.el9_6 x86_64|aarch64 0:1.20.11-31.el9_6 i686|x86_64|aarch64 0:23.2.7-4.el9_6 i686|x86_64|aarch64 0:1.20.11-31.el9_6 0:1.20.11-31.el9_6 x86_64|aarch64 5:5.4.0-12.el9_6 5:5.4.0-12.el9_6 i686|x86_64|aarch64 0:1.6-17.el9_6.2 0:53.0.0-13.el9_6.1 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-5])\.)|(5\.14\.0-570\.26\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.26\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-5])\.)|(5\.14\.0-570\.26\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.26\.0\.) x86_64|aarch64 0:5.14.0-570.26.1.el9_6 aarch64 0:5.14.0-570.26.1.el9_6 0:5.14.0-570.26.1.el9_6 x86_64 0:5.14.0-570.26.1.el9_6 x86_64|aarch64 0:1.9.5p2-10.el9_6.1 i686|x86_64|aarch64 0:2.68.4-16.el9_6.2 0:2.68.4-16.el9_6.2 x86_64|aarch64 0:2.68.4-16.el9_6.2 x86_64|aarch64 0:1.7.4.1-6.el9_6.1 x86_64|aarch64 0:128.12.0-1.el9_6.inferit x86_64|aarch64 0:2.47.3-1.el9_6 0:2.47.3-1.el9_6 i686|x86_64|aarch64 0:2.9.13-10.el9_6 x86_64|aarch64 0:2.9.13-10.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-4])\.)|(5\.14\.0-570\.25\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.25\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-4])\.)|(5\.14\.0-570\.25\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.25\.0\.) x86_64|aarch64 0:5.14.0-570.25.1.el9_6 aarch64 0:5.14.0-570.25.1.el9_6 0:5.14.0-570.25.1.el9_6 x86_64 0:5.14.0-570.25.1.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-2])\.)|(5\.14\.0-570\.23\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.23\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-2])\.)|(5\.14\.0-570\.23\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.23\.0\.) x86_64|aarch64 0:5.14.0-570.23.1.el9_6 aarch64 0:5.14.0-570.23.1.el9_6 0:5.14.0-570.23.1.el9_6 x86_64 0:5.14.0-570.23.1.el9_6 \nstream\s*=\s*1.26\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*1.26\b x86_64|aarch64 2:1.26.3-1.module+el9.6.0+614+63235732 2:1.26.3-1.module+el9.6.0+614+63235732 4:20250211-1.20250512.1.el9_6 0:24.4-4.el9_6.3.inferit i686|x86_64|aarch64 0:3.11.11-2.el9_6.1 i686|x86_64|aarch64 0:3.12.9-1.el9_6.1 0:3.9.21-2.el9_6.1 i686|x86_64|aarch64 0:3.9.21-2.el9_6.1 1:9.0.87-3.el9_6.1 x86_64|aarch64 1:21.0.8.0.9-1.el9 x86_64|aarch64 1:17.0.16.0.8-2.el9 x86_64|aarch64 1:1.8.0.462.b08-3.el9.inferit 1:1.8.0.462.b08-3.el9.inferit x86_64 0:4.10.0-86.el9_6.7 x86_64|aarch64 0:4.10.0-86.el9_6.7 0:4.10.0-86.el9_6.7 x86_64|aarch64 0:6.2.19-1.el9_6 i686|x86_64|aarch64 0:6.2.19-1.el9_6 0:6.2.19-1.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-7])\.)|(5\.14\.0-570\.28\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.28\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-7])\.)|(5\.14\.0-570\.28\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.28\.0\.) x86_64|aarch64 0:5.14.0-570.28.1.el9_6 aarch64 0:5.14.0-570.28.1.el9_6 0:5.14.0-570.28.1.el9_6 x86_64 0:5.14.0-570.28.1.el9_6 i686|x86_64|aarch64 0:0.8-22.el9_6.1 x86_64|aarch64 0:0.8-22.el9_6.1 x86_64|aarch64 0:128.13.0-1.el9_6.inferit i686|x86_64|aarch64 0:3.34.1-8.el9_6.inferit x86_64|aarch64 1:22.16.0-2.module+el9.6.0+705+a48304aa 1:22.16.0-2.module+el9.6.0+705+a48304aa x86_64|aarch64 1:10.9.2-1.22.16.0.2.module+el9.6.0+705+a48304aa x86_64|aarch64 3:12.4.254.21-1.22.16.0.2.module+el9.6.0+705+a48304aa ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-9])\.)|(5\.14\.0-570\.30\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.30\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-9]|2[0-9])\.)|(5\.14\.0-570\.30\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.30\.0\.) x86_64|aarch64 0:5.14.0-570.30.1.el9_6 aarch64 0:5.14.0-570.30.1.el9_6 0:5.14.0-570.30.1.el9_6 x86_64 0:5.14.0-570.30.1.el9_6 x86_64|aarch64 4:5.32.1-481.1.el9_6 0:1.01-481.1.el9_6 0:5.74-481.1.el9_6 x86_64|aarch64 0:1.80-481.1.el9_6 0:1.23-481.1.el9_6 0:0.66-481.1.el9_6 0:0.03-481.1.el9_6 0:0.06-481.1.el9_6 x86_64|aarch64 0:1.28-481.1.el9_6 0:1.06-481.1.el9_6 0:1.05-481.1.el9_6 0:2.27-481.1.el9_6 x86_64|aarch64 0:1.47-481.1.el9_6 0:1.11-481.1.el9_6 x86_64|aarch64 0:1.30-481.1.el9_6 0:0.25-481.1.el9_6 0:1.35-481.1.el9_6 0:1.09-481.1.el9_6 x86_64|aarch64 0:1.13-481.1.el9_6 0:2.85-481.1.el9_6 0:1.100.600-481.1.el9_6 0:2.34-481.1.el9_6 x86_64|aarch64 0:1.12-481.1.el9_6 0:1.37-481.1.el9_6 0:1.10-481.1.el9_6 0:2.03-481.1.el9_6 0:1.51-481.1.el9_6 x86_64|aarch64 0:1.18-481.1.el9_6 0:1.12-481.1.el9_6 x86_64|aarch64 0:0.23-481.1.el9_6 x86_64|aarch64 0:1.20-481.1.el9_6 0:1.02-481.1.el9_6 0:0.44-481.1.el9_6 x86_64|aarch64 0:0.19-481.1.el9_6 x86_64|aarch64 0:1.43-481.1.el9_6 0:1.21-481.1.el9_6 1:0.21-481.1.el9_6 0:1.59-481.1.el9_6 0:1.03-481.1.el9_6 1:0.08-481.1.el9_6 x86_64|aarch64 0:1.15-481.1.el9_6 0:0.67-481.1.el9_6 x86_64|aarch64 0:1.16-481.1.el9_6 x86_64|aarch64 0:1.48-481.1.el9_6 x86_64|aarch64 0:1.94-481.1.el9_6 0:1.13-481.1.el9_6 0:1.25-481.1.el9_6 0:2.41-481.1.el9_6 0:1.07-481.1.el9_6 0:1.26-481.1.el9_6 0:1.08-481.1.el9_6 x86_64|aarch64 0:1.23-481.1.el9_6 0:1.403-481.1.el9_6 0:1.17-481.1.el9_6 0:1.31-481.1.el9_6 0:3.05-481.1.el9_6 0:2.13-481.1.el9_6 0:4.6-481.1.el9_6 0:1.1-481.1.el9_6 x86_64|aarch64 0:1.3401-481.1.el9_6 0:0.75-481.1.el9_6 0:1.56-481.1.el9_6 0:0.04-481.1.el9_6 i686|x86_64|aarch64 4:5.32.1-481.1.el9_6 0:5.32.1-481.1.el9_6 0:0.13-481.1.el9_6 0:0.60.800-481.1.el9_6 x86_64|aarch64 0:0.65-481.1.el9_6 4:5.32.1-481.1.el9_6 0:0.02-481.1.el9_6 x86_64|aarch64 0:5.32.1-481.1.el9_6 0:2.04-481.1.el9_6 0:1.04-481.1.el9_6 x86_64|aarch64 0:1.16.2-19.el9_6.1 i686|x86_64|aarch64 0:1.16.2-19.el9_6.1 i686|x86_64|aarch64 0:0.9.1-5.20211126git1ff6fe1f43.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-1])\.)|(5\.14\.0-570\.12\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.12\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|1[0-1])\.)|(5\.14\.0-570\.12\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.12\.0\.) x86_64|aarch64 0:5.14.0-570.12.1.el9_6 aarch64 0:5.14.0-570.12.1.el9_6 0:5.14.0-570.12.1.el9_6 x86_64 0:5.14.0-570.12.1.el9_6 x86_64|aarch64 0:128.13.0-3.el9_6.inferit x86_64|aarch64 0:67.1-10.el9_6 i686|x86_64|aarch64 0:67.1-10.el9_6 0:2.19.1-1.el9_6 x86_64|aarch64 0:7.2.10-1.module+el9.6.0+704+aff0ab42 0:7.2.10-1.module+el9.6.0+704+aff0ab42 i686|x86_64|aarch64 0:2.9.13-11.el9_6 x86_64|aarch64 0:2.9.13-11.el9_6 i686|x86_64|aarch64 0:2.42.6-6.el9_6 x86_64|aarch64 0:2.9.6-2.el9_6.1 x86_64|aarch64 0:0.127.0-1.el9_6 0:68.2.2-5.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-1])\.)|(5\.14\.0-570\.32\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.32\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-1])\.)|(5\.14\.0-570\.32\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.32\.0\.) x86_64|aarch64 0:5.14.0-570.32.1.el9_6 aarch64 0:5.14.0-570.32.1.el9_6 0:5.14.0-570.32.1.el9_6 x86_64 0:5.14.0-570.32.1.el9_6 i686|x86_64|aarch64 0:5.15.9-2.el9_6 x86_64|aarch64 0:5.15.9-2.el9_6 i686|x86_64|aarch64 0:2.34-168.el9_6.23 x86_64|aarch64 0:2.34-168.el9_6.23 0:2.34-168.el9_6.23 x86_64 0:2.34-168.el9_6.23 x86_64|aarch64 0:6.2-10.20210508.el9_6.2 0:6.2-10.20210508.el9_6.2 i686|x86_64|aarch64 0:6.2-10.20210508.el9_6.2 0:2.25.1-10.el9_6 i686|x86_64|aarch64 0:2.9.13-12.el9_6 x86_64|aarch64 0:2.9.13-12.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-2])\.)|(5\.14\.0-570\.33\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.33\.[0-1]\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-2])\.)|(5\.14\.0-570\.33\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.33\.[0-1]\.) x86_64|aarch64 0:5.14.0-570.33.2.el9_6 aarch64 0:5.14.0-570.33.2.el9_6 0:5.14.0-570.33.2.el9_6 x86_64 0:5.14.0-570.33.2.el9_6 0:65.5.1-4.el9_6 x86_64|aarch64 0:0.2-1.el9_6 i686|x86_64|aarch64 0:2.48.5-1.el9_6 x86_64|aarch64 0:366-12.el9_6 x86_64|aarch64 0:1.24.6-1.el9_6 0:1.24.6-1.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-4])\.)|(5\.14\.0-570\.35\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.35\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-4])\.)|(5\.14\.0-570\.35\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.35\.0\.) x86_64|aarch64 0:5.14.0-570.35.1.el9_6 aarch64 0:5.14.0-570.35.1.el9_6 0:5.14.0-570.35.1.el9_6 x86_64 0:5.14.0-570.35.1.el9_6 1:9.0.87-3.el9_6.3 x86_64|aarch64 0:3.5.3-6.el9_6 i686|x86_64|aarch64 0:3.5.3-6.el9_6 x86_64|aarch64 0:128.14.0-2.el9_6.inferit x86_64|aarch64 0:15.14-1.module+el9.6.0+720+b19bb0a3 0:15.14-1.module+el9.6.0+720+b19bb0a3 x86_64|aarch64 0:13.22-1.el9_6 0:13.22-1.el9_6 x86_64|aarch64 0:0.6.2-2.module+el9.6.0+641+79f67144 x86_64|aarch64 0:16.10-1.module+el9.6.0+721+2e157193 0:16.10-1.module+el9.6.0+721+2e157193 x86_64|aarch64 0:128.14.0-3.el9_6.inferit x86_64|aarch64 0:0.16-103.el9_6.2 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-6])\.)|(5\.14\.0-570\.37\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.37\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-6])\.)|(5\.14\.0-570\.37\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.37\.0\.) x86_64|aarch64 0:5.14.0-570.37.1.el9_6 aarch64 0:5.14.0-570.37.1.el9_6 0:5.14.0-570.37.1.el9_6 x86_64 0:5.14.0-570.37.1.el9_6 x86_64|aarch64 0:2.4.62-4.el9_6.4.inferit 0:2.4.62-4.el9_6.4.inferit x86_64|aarch64 1:2.4.62-4.el9_6.4.inferit i686|x86_64|aarch64 0:2.9.4-11.el9_6.1 x86_64|aarch64 0:2.9.4-11.el9_6.1 0:3.9.21-2.el9_6.2 i686|x86_64|aarch64 0:3.9.21-2.el9_6.2 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-8])\.)|(5\.14\.0-570\.39\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.39\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-2][0-9]|3[0-8])\.)|(5\.14\.0-570\.39\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.39\.0\.) x86_64|aarch64 0:5.14.0-570.39.1.el9_6 aarch64 0:5.14.0-570.39.1.el9_6 0:5.14.0-570.39.1.el9_6 x86_64 0:5.14.0-570.39.1.el9_6 i686|x86_64|aarch64 0:3.12.9-1.el9_6.2 i686|x86_64|aarch64 0:3.11.11-2.el9_6.2 x86_64|aarch64 0:2.0.26-4.el9_6.1 i686|x86_64|aarch64 0:1.5.1-26.el9_6 x86_64|aarch64 0:1.5.1-26.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-3])\.)|(5\.14\.0-570\.44\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.44\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-3])\.)|(5\.14\.0-570\.44\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.44\.0\.) x86_64|aarch64 0:5.14.0-570.44.1.el9_6 aarch64 0:5.14.0-570.44.1.el9_6 0:5.14.0-570.44.1.el9_6 x86_64 0:5.14.0-570.44.1.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|40)\.)|(5\.14\.0-570\.41\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.41\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|40)\.)|(5\.14\.0-570\.41\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.41\.0\.) x86_64|aarch64 0:5.14.0-570.41.1.el9_6 aarch64 0:5.14.0-570.41.1.el9_6 0:5.14.0-570.41.1.el9_6 x86_64 0:5.14.0-570.41.1.el9_6 x86_64|aarch64 0:41.0.7-2.el9_6.1 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-1])\.)|(5\.14\.0-570\.42\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.42\.[0-1]\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-1])\.)|(5\.14\.0-570\.42\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.42\.[0-1]\.) x86_64|aarch64 0:5.14.0-570.42.2.el9_6 aarch64 0:5.14.0-570.42.2.el9_6 0:5.14.0-570.42.2.el9_6 x86_64 0:5.14.0-570.42.2.el9_6 x86_64|aarch64 1:2.3.3op2-33.el9_6.1.inferit i686|x86_64|aarch64 1:2.3.3op2-33.el9_6.1.inferit 1:2.3.3op2-33.el9_6.1.inferit x86_64|aarch64 5:5.4.0-13.el9_6 5:5.4.0-13.el9_6 x86_64|aarch64 0:36.0.1-5.el9_6 x86_64|aarch64 0:0.127.0-2.el9_6 i686|x86_64|aarch64 0:3.8.3-6.el9_6.2.inferit x86_64|aarch64 0:3.8.3-6.el9_6.2.inferit x86_64|aarch64 0:140.3.0-1.el9_6.inferit x86_64|aarch64 0:8.0.43-1.el9_6 \nstream\s*=\s*8.4\b[\w\W]*\nstate\s*=\s*(enabled|1|true)|\nstate\s*=\s*(enabled|1|true)[\w\W]*\nstream\s*=\s*8.4\b x86_64|aarch64 0:0.996-3.module+el9.6.0+613+164be6b7.4 x86_64|aarch64 0:2.7.0.20070801-24.module+el9.6.0+613+164be6b7 x86_64|aarch64 0:8.4.6-1.module+el9.6.0+732+eb8cb34c 0:8.4.6-1.module+el9.6.0+732+eb8cb34c x86_64|aarch64 0:1.1.0-19.module+el9.6.0+613+164be6b7 0:1.1.0-19.module+el9.6.0+613+164be6b7 0:39.31.5.1-151.3.el9_6 1:39.31.5.1-151.3.el9_6 0:18.168.6.1-151.3.el9_6 1:25.30.13.0-151.3.el9_6 0:8.83.5.1_1-151.3.el9_6 0:8.24.2.2-151.3.el9_6 0:41.28.5.1-151.3.el9_6 0:20250716-151.3.el9_6 0:9.1-1.el9 0:0.3.1-6.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-5])\.)|(5\.14\.0-570\.46\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.46\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-5])\.)|(5\.14\.0-570\.46\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.46\.0\.) x86_64|aarch64 0:5.14.0-570.46.1.el9_6 aarch64 0:5.14.0-570.46.1.el9_6 0:5.14.0-570.46.1.el9_6 x86_64 0:5.14.0-570.46.1.el9_6 x86_64|aarch64 0:6.1.152-1.lvc33.el9.inferit 0:6.1.152-1.lvc33.el9.inferit ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-8])\.)|(5\.14\.0-570\.49\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.49\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-3][0-9]|4[0-8])\.)|(5\.14\.0-570\.49\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.49\.0\.) x86_64|aarch64 0:5.14.0-570.49.1.el9_6 aarch64 0:5.14.0-570.49.1.el9_6 0:5.14.0-570.49.1.el9_6 x86_64 0:5.14.0-570.49.1.el9_6 x86_64|aarch64 0:4.12.2-14.el9_6.5 0:4.12.2-14.el9_6.5 x86_64|aarch64 1:4.04-1.el9_6 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|50)\.)|(5\.14\.0-570\.51\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.51\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|50)\.)|(5\.14\.0-570\.51\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.51\.0\.) x86_64|aarch64 0:5.14.0-570.51.1.el9_6 aarch64 0:5.14.0-570.51.1.el9_6 0:5.14.0-570.51.1.el9_6 x86_64 0:5.14.0-570.51.1.el9_6 x86_64|aarch64 0:12.5.0-1.el9_6.2 x86_64 0:12.5.0-1.el9_6.2 x86_64|aarch64 0:140.0.7339.207-1.el9.inferit x86_64|aarch64 0:20210202-11.el9_6.3 x86_64|aarch64 2:8.2.2637-22.el9_6.1 2:8.2.2637-22.el9_6.1 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-1])\.)|(5\.14\.0-570\.52\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.52\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-1])\.)|(5\.14\.0-570\.52\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.52\.0\.) x86_64|aarch64 0:5.14.0-570.52.1.el9_6 aarch64 0:5.14.0-570.52.1.el9_6 0:5.14.0-570.52.1.el9_6 x86_64 0:5.14.0-570.52.1.el9_6 i686|x86_64|aarch64 0:0.10.4-15.el9_6 0:0.10.4-15.el9_6 x86_64|aarch64 0:140.4.0-3.el9_6.inferit x86_64|aarch64 0:8.0.21-1.el9_6 x86_64|aarch64 0:8.0.121-1.el9_6 x86_64|aarch64 0:9.0.10-1.el9_6 x86_64|aarch64 0:9.0.111-1.el9_6 i686|x86_64|aarch64 0:2.50.1-0.el9_6 0:39.31.5.1-151.4.el9_6 1:39.31.5.1-151.4.el9_6 0:18.168.6.1-151.4.el9_6 1:25.30.13.0-151.4.el9_6 0:8.83.5.1_1-151.4.el9_6 0:8.24.2.2-151.4.el9_6 0:41.28.5.1-151.4.el9_6 0:20250812-151.4.el9_6 x86_64|aarch64 1:1.8.0.472.b08-1.el9 1:1.8.0.472.b08-1.el9 x86_64|aarch64 0:140.4.0-2.el9_6.inferit ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-4])\.)|(5\.14\.0-570\.55\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.55\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-4])\.)|(5\.14\.0-570\.55\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.55\.0\.) x86_64|aarch64 0:5.14.0-570.55.1.el9_6 aarch64 0:5.14.0-570.55.1.el9_6 0:5.14.0-570.55.1.el9_6 x86_64 0:5.14.0-570.55.1.el9_6 x86_64|aarch64 1:21.0.9.0.10-1.el9 x86_64|aarch64 1:17.0.17.0.10-1.el9 x86_64|aarch64 0:7.2.11-1.module+el9.6.0+741+da26057d 0:7.2.11-1.module+el9.6.0+741+da26057d i686|x86_64|aarch64 0:4.4.0-13.el9_6.2 x86_64|aarch64 0:4.4.0-13.el9_6.2 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-7])\.)|(5\.14\.0-570\.58\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.58\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-7])\.)|(5\.14\.0-570\.58\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.58\.0\.) x86_64|aarch64 0:5.14.0-570.58.1.el9_6 aarch64 0:5.14.0-570.58.1.el9_6 0:5.14.0-570.58.1.el9_6 x86_64 0:5.14.0-570.58.1.el9_6 x86_64|aarch64 0:6.2.20-1.el9_6 i686|x86_64|aarch64 0:6.2.20-1.el9_6 0:6.2.20-1.el9_6 i686|x86_64|aarch64 0:2.72.0-10.el9_6.3 x86_64|aarch64 0:132.2-3.el9_6.inferit i686|x86_64|aarch64 0:23.2.7-5.el9_6 i686|x86_64|aarch64 0:5.15.9-2.el9_6.1 x86_64|aarch64 0:5.15.9-2.el9_6.1 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-9])\.)|(5\.14\.0-570\.60\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.60\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-4][0-9]{2}|5[0-5][0-9]|56[0-9])\.)|(5\.14\.0-570\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.([0-9]|[1-4][0-9]|5[0-9])\.)|(5\.14\.0-570\.60\.[^\.]*[a-zA-Z])|(5\.14\.0-570\.60\.0\.) x86_64|aarch64 0:5.14.0-570.60.1.el9_6 aarch64 0:5.14.0-570.60.1.el9_6 0:5.14.0-570.60.1.el9_6 x86_64 0:5.14.0-570.60.1.el9_6 x86_64|aarch64 0:1.20.11-32.el9_6 i686|x86_64|aarch64 0:1.20.11-32.el9_6 0:1.20.11-32.el9_6 x86_64|aarch64 0:0.11.9-2.el9_6.2 x86_64|aarch64 0:1.14.1-9.el9_6 0:1.14.1-9.el9_6 x86_64|aarch64 4:1.2.5-3.el9_6 x86_64|aarch64 0:2.8.14-1.el9_7.1 x86_64|aarch64 6:5.6.0-7.el9_7 6:5.6.0-7.el9_7 i686|x86_64|aarch64 0:5.15.9-2.el9_7.1 x86_64|aarch64 0:5.15.9-2.el9_7.1 x86_64|aarch64 0:1.20.11-32.el9_7 i686|x86_64|aarch64 0:1.20.11-32.el9_7 0:1.20.11-32.el9_7 i686|x86_64|aarch64 0:23.2.7-5.el9_7 i686|x86_64|aarch64 0:2.72.0-12.el9_7.1 x86_64|aarch64 0:1.15.0-6.el9_7 0:1.15.0-6.el9_7 i686|x86_64|aarch64 0:0.10.4-15.el9_7 0:0.10.4-15.el9_7 x86_64|aarch64 2:8.2.2637-23.el9_7 2:8.2.2637-23.el9_7 i686|x86_64|aarch64 0:2.9.7-4.el9_7.1 x86_64|aarch64 0:2.9.7-4.el9_7.1 0:2.9.7-4.el9_7.1 i686|x86_64|aarch64 0:3.34.1-9.el9_7.inferit x86_64|aarch64 0:4.12.2-22.el9_7.1 0:4.12.2-22.el9_7.1 x86_64|aarch64 0:6.2.20-2.el9_7 i686|x86_64|aarch64 0:6.2.20-2.el9_7 0:6.2.20-2.el9_7 x86_64|aarch64 6:5.6.0-6.el9_7 6:5.6.0-6.el9_7 i686|x86_64|aarch64 0:2.50.1-1.el9_7 0:1.0.0-9.el9_7 x86_64|aarch64 32:9.16.23-34.el9_7.1 i686|x86_64|aarch64 32:9.16.23-34.el9_7.1 32:9.16.23-34.el9_7.1 x86_64|aarch64 32:9.18.29-5.el9_7.2 i686|x86_64|aarch64 32:9.18.29-5.el9_7.2 32:9.18.29-5.el9_7.2 i686|x86_64|aarch64 0:4.4.0-15.el9_7.2 x86_64|aarch64 0:4.4.0-15.el9_7.2 x86_64|aarch64 4:1.3.0-4.el9_7 x86_64|aarch64 0:0.11.10-1.el9_7.1 x86_64|aarch64 0:13.0.0-1.el9_7.1 x86_64 0:13.0.0-1.el9_7.1 x86_64|aarch64 1:3.5.1-4.el9_7.inferit i686|x86_64|aarch64 1:3.5.1-4.el9_7.inferit x86_64|aarch64 0:140.5.0-1.el9_7.inferit ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-5][0-9]{2}|60[0-9]|610)\.)|(5\.14\.0-611\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.[0-7]\.)|(5\.14\.0-611\.8\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.8\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-5][0-9]{2}|60[0-9]|610)\.)|(5\.14\.0-611\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.[0-7]\.)|(5\.14\.0-611\.8\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.8\.0\.) x86_64|aarch64 0:5.14.0-611.8.1.el9_7 aarch64 0:5.14.0-611.8.1.el9_7 0:5.14.0-611.8.1.el9_7 x86_64 0:5.14.0-611.8.1.el9_7 i686|x86_64|aarch64 0:2.7.0-11.el9_7.3 x86_64|aarch64 0:2.7.0-11.el9_7.3 x86_64|aarch64 7:5.5-22.el9_7.1 ([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-5][0-9]{2}|60[0-9]|610)\.)|(5\.14\.0-611\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.[0-6]\.)|(5\.14\.0-611\.7\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.7\.0\.) saved_entry=\w*-([0-4]\.\d+\.\d+-)|(5\.([0-9]|1[0-3])\.\d+-)|(5\.14\.0-([0-9]{1,2}|[1-5][0-9]{2}|60[0-9]|610)\.)|(5\.14\.0-611\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.[0-6]\.)|(5\.14\.0-611\.7\.[^\.]*[a-zA-Z])|(5\.14\.0-611\.7\.0\.) x86_64|aarch64 0:5.14.0-611.7.1.el9_7 aarch64 0:5.14.0-611.7.1.el9_7 0:5.14.0-611.7.1.el9_7 x86_64 0:5.14.0-611.7.1.el9_7 i686|x86_64|aarch64 0:4.4.0-15.el9 x86_64|aarch64 0:4.4.0-15.el9 i686|x86_64|aarch64 0:0.13.71-12.el9 x86_64|aarch64 0:0.13.71-12.el9 x86_64|aarch64 2:4.9-15.el9 i686|x86_64|aarch64 2:4.9-15.el9