Advisories Archives - Cyber Security News

Read Time:8 Minute, 5 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– MIPS architecture;
– PowerPC architecture;
– RISC-V architecture;
– S390 architecture;
– User-Mode Linux (UML);
– x86 architecture;
– Block layer subsystem;
– Android drivers;
– ATM drivers;
– Drivers core;
– Ublk userspace block driver;
– Bluetooth drivers;
– Character device driver;
– Hardware crypto device drivers;
– Buffer Sharing and Synchronization framework;
– DMA engine subsystem;
– Qualcomm firmware drivers;
– GPIO subsystem;
– GPU drivers;
– HID subsystem;
– Hardware monitoring drivers;
– I2C subsystem;
– I3C subsystem;
– IIO subsystem;
– InfiniBand drivers;
– Input Device core drivers;
– Input Device (Miscellaneous) drivers;
– IOMMU subsystem;
– IRQ chip drivers;
– LED subsystem;
– Mailbox framework;
– Multiple devices driver;
– Media drivers;
– Fastrpc Driver;
– VMware VMCI Driver;
– MMC subsystem;
– Ethernet bonding driver;
– Network drivers;
– Mellanox network drivers;
– Microsoft Azure Network Adapter (MANA) driver;
– Near Field Communication (NFC) drivers;
– NVME drivers;
– Device tree and open firmware driver;
– Parport drivers;
– PCI subsystem;
– Pin controllers subsystem;
– x86 platform drivers;
– Power supply drivers;
– Remote Processor subsystem;
– S/390 drivers;
– SCSI subsystem;
– QCOM SoC drivers;
– SPI subsystem;
– Direct Digital Synthesis drivers;
– Thunderbolt and USB4 drivers;
– TTY drivers;
– UFS subsystem;
– Userspace I/O drivers;
– DesignWare USB3 driver;
– USB Gadget drivers;
– USB Host Controller drivers;
– USB Type-C Connector System Software Interface driver;
– USB over IP driver;
– Virtio Host (VHOST) subsystem;
– Framebuffer layer;
– Xen hypervisor drivers;
– File systems infrastructure;
– BTRFS file system;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– Network file systems library;
– Network file system (NFS) client;
– Network file system (NFS) server daemon;
– NILFS2 file system;
– File system notification infrastructure;
– NTFS3 file system;
– Proc file system;
– SMB network file system;
– Tracing file system;
– Bitmap API;
– BPF subsystem;
– Memory Management;
– Objagg library;
– Perf events;
– Virtio network driver;
– VMware vSockets driver;
– KCM (Kernel Connection Multiplexor) sockets driver;
– Control group (cgroup);
– DMA mapping infrastructure;
– Locking primitives;
– Padata parallel execution mechanism;
– Scheduler infrastructure;
– Tracing infrastructure;
– Radix Tree data structure library;
– Kernel userspace event delivery library;
– KUnit for arithmetic overflow checks;
– Memory management;
– Bluetooth subsystem;
– Ethernet bridge;
– CAN network layer;
– Networking core;
– Ethtool driver;
– IPv4 networking;
– IPv6 networking;
– MAC80211 subsystem;
– Multipath TCP;
– Netfilter;
– Network traffic control;
– SCTP protocol;
– TIPC protocol;
– Wireless networking;
– AppArmor security module;
– Landlock security;
– SELinux security module;
– Simplified Mandatory Access Control Kernel framework;
– FireWire sound drivers;
– AMD SoC Alsa drivers;
– Texas InstrumentS Audio (ASoC/HDA) drivers;
– SoC Audio for Freescale CPUs drivers;
– Intel ASoC drivers;
– Amlogic Meson SoC drivers;
– SoC audio core drivers;
– USB sound devices;
– Real-Time Linux Analysis tools;
(CVE-2024-46783, CVE-2024-44960, CVE-2024-46743, CVE-2024-45009,
CVE-2024-43820, CVE-2024-43888, CVE-2024-45010, CVE-2024-43839,
CVE-2024-42304, CVE-2024-43846, CVE-2024-42258, CVE-2024-45005,
CVE-2024-46709, CVE-2024-46774, CVE-2024-43883, CVE-2024-43859,
CVE-2024-46721, CVE-2024-44944, CVE-2024-43913, CVE-2024-43843,
CVE-2024-43845, CVE-2024-45018, CVE-2024-43909, CVE-2024-46755,
CVE-2024-42284, CVE-2024-42301, CVE-2024-46779, CVE-2024-44971,
CVE-2024-46711, CVE-2024-43889, CVE-2024-46842, CVE-2024-44978,
CVE-2024-46803, CVE-2024-42277, CVE-2024-43892, CVE-2024-45019,
CVE-2024-44988, CVE-2024-46798, CVE-2024-44995, CVE-2024-43860,
CVE-2024-46762, CVE-2024-43831, CVE-2024-44990, CVE-2024-46845,
CVE-2024-46765, CVE-2024-45012, CVE-2024-44975, CVE-2024-46770,
CVE-2024-46802, CVE-2024-44970, CVE-2024-46691, CVE-2024-43833,
CVE-2024-43876, CVE-2024-42292, CVE-2024-42291, CVE-2024-43891,
CVE-2024-46788, CVE-2024-44938, CVE-2024-46710, CVE-2024-42272,
CVE-2024-43868, CVE-2024-43875, CVE-2024-45030, CVE-2024-46689,
CVE-2024-46859, CVE-2024-46795, CVE-2024-46683, CVE-2024-44999,
CVE-2024-44942, CVE-2024-47669, CVE-2024-42318, CVE-2024-43911,
CVE-2024-46693, CVE-2024-42296, CVE-2024-43894, CVE-2024-45002,
CVE-2024-46673, CVE-2024-46852, CVE-2024-45001, CVE-2024-43907,
CVE-2024-42319, CVE-2024-44972, CVE-2024-43905, CVE-2024-45028,
CVE-2024-46816, CVE-2024-46847, CVE-2024-46834, CVE-2024-44982,
CVE-2024-46807, CVE-2024-44948, CVE-2024-46685, CVE-2024-46811,
CVE-2024-42317, CVE-2024-43818, CVE-2024-46786, CVE-2024-43881,
CVE-2024-42294, CVE-2024-46708, CVE-2024-42285, CVE-2024-44941,
CVE-2024-43823, CVE-2024-46694, CVE-2024-46730, CVE-2024-42259,
CVE-2024-42270, CVE-2024-47658, CVE-2024-46718, CVE-2024-44947,
CVE-2024-46701, CVE-2024-43895, CVE-2024-43890, CVE-2024-46826,
CVE-2024-46687, CVE-2024-46768, CVE-2024-45025, CVE-2024-42267,
CVE-2024-42263, CVE-2024-44958, CVE-2024-44989, CVE-2024-43906,
CVE-2024-43869, CVE-2024-43887, CVE-2024-42297, CVE-2024-46702,
CVE-2024-42320, CVE-2024-42322, CVE-2024-46857, CVE-2024-43861,
CVE-2024-45008, CVE-2024-44969, CVE-2024-46821, CVE-2024-44967,
CVE-2024-43914, CVE-2024-46870, CVE-2024-46781, CVE-2024-43842,
CVE-2024-47665, CVE-2024-46753, CVE-2024-43866, CVE-2024-43886,
CVE-2024-44939, CVE-2024-42312, CVE-2024-46864, CVE-2024-46695,
CVE-2024-46818, CVE-2024-45006, CVE-2024-43841, CVE-2024-46703,
CVE-2024-46749, CVE-2024-44986, CVE-2024-46717, CVE-2024-42273,
CVE-2024-43856, CVE-2024-46777, CVE-2024-44984, CVE-2024-46719,
CVE-2024-46858, CVE-2024-43821, CVE-2024-46750, CVE-2024-43829,
CVE-2024-43817, CVE-2024-42281, CVE-2024-42287, CVE-2024-45007,
CVE-2024-46793, CVE-2024-45003, CVE-2024-45011, CVE-2024-47683,
CVE-2024-44934, CVE-2024-46722, CVE-2024-46860, CVE-2024-42314,
CVE-2024-46675, CVE-2024-43899, CVE-2024-46752, CVE-2024-46851,
CVE-2024-42310, CVE-2024-46853, CVE-2024-39472, CVE-2024-43837,
CVE-2024-45021, CVE-2024-46713, CVE-2024-44943, CVE-2024-46787,
CVE-2024-43893, CVE-2024-44946, CVE-2024-45026, CVE-2024-44996,
CVE-2024-46761, CVE-2024-46723, CVE-2024-42311, CVE-2024-42316,
CVE-2024-47663, CVE-2024-44940, CVE-2024-43867, CVE-2024-42265,
CVE-2024-44950, CVE-2024-46867, CVE-2024-45020, CVE-2024-46707,
CVE-2024-44966, CVE-2024-42309, CVE-2024-46767, CVE-2024-46758,
CVE-2024-46732, CVE-2024-42262, CVE-2024-46778, CVE-2024-43884,
CVE-2024-44991, CVE-2024-47668, CVE-2024-46698, CVE-2024-46825,
CVE-2024-42302, CVE-2024-46716, CVE-2024-46726, CVE-2024-43870,
CVE-2024-42307, CVE-2024-46830, CVE-2024-43910, CVE-2024-46735,
CVE-2024-43828, CVE-2024-43904, CVE-2024-44965, CVE-2024-46831,
CVE-2024-44979, CVE-2024-44961, CVE-2024-46771, CVE-2024-46844,
CVE-2024-46871, CVE-2024-43877, CVE-2024-46746, CVE-2024-44987,
CVE-2024-46676, CVE-2024-46766, CVE-2024-46731, CVE-2024-46810,
CVE-2024-46806, CVE-2024-45000, CVE-2024-42313, CVE-2024-45015,
CVE-2024-46784, CVE-2024-43834, CVE-2024-46737, CVE-2024-46797,
CVE-2024-43908, CVE-2024-46724, CVE-2024-44980, CVE-2024-43847,
CVE-2024-46679, CVE-2024-46681, CVE-2024-43819, CVE-2024-46776,
CVE-2024-44954, CVE-2024-45022, CVE-2024-46819, CVE-2024-46775,
CVE-2024-43824, CVE-2024-44953, CVE-2024-46759, CVE-2024-43873,
CVE-2024-46756, CVE-2024-42303, CVE-2024-46738, CVE-2024-42290,
CVE-2024-42295, CVE-2024-43849, CVE-2024-44931, CVE-2024-46741,
CVE-2024-43863, CVE-2024-44974, CVE-2024-46829, CVE-2024-44959,
CVE-2024-42315, CVE-2024-44983, CVE-2024-46715, CVE-2024-46697,
CVE-2024-43850, CVE-2024-46728, CVE-2024-44963, CVE-2024-46823,
CVE-2024-46692, CVE-2024-46760, CVE-2024-46705, CVE-2024-42261,
CVE-2024-42321, CVE-2024-46785, CVE-2024-46686, CVE-2024-49984,
CVE-2024-46706, CVE-2024-45029, CVE-2024-46809, CVE-2024-43827,
CVE-2024-44998, CVE-2024-47667, CVE-2024-43835, CVE-2024-46866,
CVE-2024-46841, CVE-2024-42286, CVE-2024-43852, CVE-2024-43832,
CVE-2024-46773, CVE-2024-46817, CVE-2024-46868, CVE-2024-46812,
CVE-2024-47660, CVE-2024-46725, CVE-2024-42288, CVE-2024-46824,
CVE-2024-42269, CVE-2024-44957, CVE-2024-45017, CVE-2024-46747,
CVE-2024-47662, CVE-2024-46843, CVE-2024-46849, CVE-2024-43879,
CVE-2024-46751, CVE-2024-42298, CVE-2024-46861, CVE-2024-44993,
CVE-2024-46729, CVE-2024-46846, CVE-2024-46794, CVE-2024-43826,
CVE-2024-44973, CVE-2024-46672, CVE-2024-44985, CVE-2024-46815,
CVE-2024-46822, CVE-2024-46754, CVE-2024-43854, CVE-2024-42278,
CVE-2024-46720, CVE-2024-46677, CVE-2024-46854, CVE-2024-43840,
CVE-2024-43830, CVE-2024-46804, CVE-2024-45013, CVE-2024-46782,
CVE-2024-46840, CVE-2024-44977, CVE-2024-46838, CVE-2024-42264,
CVE-2024-47661, CVE-2024-43857, CVE-2023-52918, CVE-2024-44935,
CVE-2024-46739, CVE-2024-43825, CVE-2024-43864, CVE-2024-47659,
CVE-2024-42260, CVE-2024-44962, CVE-2024-46835, CVE-2024-43871,
CVE-2024-47674, CVE-2024-46827, CVE-2024-42283, CVE-2024-42299,
CVE-2024-46714, CVE-2024-46740, CVE-2024-46680, CVE-2024-46791,
CVE-2024-43912, CVE-2024-46813, CVE-2024-46733, CVE-2024-47664,
CVE-2024-42279, CVE-2024-46850, CVE-2024-42289, CVE-2024-46808,
CVE-2024-43880, CVE-2024-46832, CVE-2024-42276, CVE-2024-44937,
CVE-2024-42274, CVE-2024-46772, CVE-2024-47666, CVE-2024-44956,
CVE-2024-46763, CVE-2024-46805, CVE-2023-52889, CVE-2024-46678,
CVE-2024-43902, CVE-2024-46757, CVE-2024-46792, CVE-2024-42268,
CVE-2024-43853, CVE-2024-45027, CVE-2024-42305, CVE-2024-46828,
CVE-2024-43900, CVE-2024-46848, CVE-2024-46814, CVE-2024-46855,
CVE-2024-46727, CVE-2024-46836, CVE-2024-46744, CVE-2024-46780,
CVE-2024-46745, CVE-2024-42306)

Read Time:57 Second

It was discovered that Python incorrectly handled certain scripts.
An attacker could possibly use this issue to execute arbitrary code
or cause a crash. (CVE-2022-48560)

It was discovered that Python did not properly handle XML entity
declarations in plist files. An attacker could possibly use this
vulnerability to perform an XML External Entity (XXE) injection,
resulting in a denial of service or information disclosure.
(CVE-2022-48565)

It was discovered that Python did not properly provide constant-time
processing for a crypto operation. An attacker could possibly use this
issue to perform a timing attack and recover sensitive information.
(CVE-2022-48566)

It was discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into running a specially
crafted input, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2023-24329)

It was discovered that Python instances of ssl.SSLSocket were vulnerable
to a bypass of the TLS handshake. An attacker could possibly use this
issue to cause applications to treat unauthenticated received data before
TLS handshake as authenticated data after TLS handshake.
(CVE-2023-40217)

Cyber Security News

Category Archives: Advisories

redis-7.2.7-1.fc40

FEDORA-2025-72fd0442cc

Packages in this update:

Update description:

USN-7159-5: Linux kernel (Raspberry Pi) vulnerabilities

USN-7154-2: Linux kernel (HWE) vulnerabilities

USN-7182-1: Ceph vulnerability

USN-7181-1: Salt vulnerability

USN-7180-1: Python vulnerabilities

USN-7140-2: Tinyproxy vulnerability

perl-Net-OAuth-0.30-1.fc41

FEDORA-2025-f0077db20c

Packages in this update:

Update description:

perl-Net-OAuth-0.30-1.fc40

FEDORA-2025-05e642f1ef

Packages in this update:

Update description:

perl-Net-OAuth-0.30-1.el10_0

FEDORA-EPEL-2025-d8034c0356

Packages in this update:

Update description:

News, Advisories and much more