USN-6707-2: Linux kernel (ARM laptop) vulnerabilities

Read Time:40 Second

Lonial Con discovered that the netfilter subsystem in the Linux kernel did
not properly handle element deactivation in certain cases, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1085)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Network drivers;
– PWM drivers;
(CVE-2024-26597, CVE-2024-26599)

Patch Tuesday, April 2025 Edition

The AI Fix #45: The Turing test falls to GPT-4.5

Google Releases April Android Update to Address Two Zero-Days

NIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog

Half of Firms Stall Digital Projects as Cyber Warfare Risk Surges

CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

Arguing Against CALEA

Boards Urged to Follow New Cyber Code of Practice

Russian bots hard at work spreading political unrest on Romania’s internet

USN-6707-2: Linux kernel (ARM laptop) vulnerabilities

uboot-tools-2025.04-1.fc42

CrushFTP Authentication Bypass

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

rust-openssl-0.10.72-1.el9 rust-openssl-sys-0.9.107-1.el9

rust-openssl-0.10.72-1.el10_0 rust-openssl-sys-0.9.107-1.el10_0

rust-openssl-0.10.72-1.el10_1 rust-openssl-sys-0.9.107-1.el10_1