Read Time:8 Second
Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.
Category Archives: Advisories
Multiple vulnerabilities in SonicWall SonicOS could allow a remote attacker to bypass authentication.
Read Time:19 Second
Multiple vulnerabilities have been discovered in SonicWall SonicOS that could allow for authentication bypass. SonicOS is SonicWall’s operating system designed for their firewalls and other security devices. Successful exploitation of the most severe of these vulnerabilities could allow for authentication bypass on the affected system. Depending on the privileges associated with the system, an attacker could then; view, change, or delete data.
xen-4.19.1-3.fc41
Read Time:20 Second
FEDORA-2025-933a9a977e
Packages in this update:
xen-4.19.1-3.fc41
Update description:
work around debugedit bug to fix aarch64 builds
xen-hypervisor %post doesn’t load all needed grub2 modules
update to xen-4.19.1 which includes
Deadlock in x86 HVM standard VGA handling [XSA-463, CVE-2024-45818]
libxl leaks data to PVH guests via ACPI tables [XSA-464, CVE-2024-45819]
thunderbird-128.6.0-1.fc40
Read Time:12 Second
FEDORA-2025-91031f9df9
Packages in this update:
thunderbird-128.6.0-1.fc40
Update description:
Update to 128.6.0
https://www.thunderbird.net/en-US/thunderbird/128.6.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-04/
thunderbird-128.6.0-1.fc41
Read Time:12 Second
FEDORA-2025-2f5b9ab47b
Packages in this update:
thunderbird-128.6.0-1.fc41
Update description:
Update to 128.6.0
https://www.thunderbird.net/en-US/thunderbird/128.6.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-04/
USN-7197-1: Go Networking vulnerability
Read Time:16 Second
Guido Vranken discovered that Go Networking handled input to the Parse
functions inefficiently. An attacker could possibly use this issue to
cause denial of service. This update addresses the issue in the
golang-golang-x-net and golang-golang-x-net-dev packages, as well as the
library vendored within adsys and juju-core.
USN-7185-2: Linux kernel (Azure) vulnerabilities
Read Time:1 Minute, 23 Second
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an integer overflow vulnerability. A local attacker could
use this to cause a denial of service (system crash). (CVE-2022-36402)
Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver
in the Linux kernel during device removal. A privileged attacker could use
this to cause a denial of service (system crash). (CVE-2023-35827)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– I2C subsystem;
– InfiniBand drivers;
– IRQ chip drivers;
– Network drivers;
– Pin controllers subsystem;
– S/390 drivers;
– TTY drivers;
– USB Host Controller drivers;
– USB Mass Storage drivers;
– Framebuffer layer;
– Ext4 file system;
– File systems infrastructure;
– Bluetooth subsystem;
– DMA mapping infrastructure;
– Memory management;
– 9P file system network protocol;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– MAC80211 subsystem;
– Netfilter;
– NFC subsystem;
– Phonet protocol;
– Network traffic control;
– VMware vSockets driver;
– Wireless networking;
(CVE-2024-42090, CVE-2024-42156, CVE-2021-47082, CVE-2024-26921,
CVE-2023-52594, CVE-2024-36968, CVE-2024-38633, CVE-2024-42077,
CVE-2021-47076, CVE-2021-47501, CVE-2023-52507, CVE-2024-42153,
CVE-2024-39301, CVE-2024-36946, CVE-2024-43884, CVE-2023-52509,
CVE-2024-36004, CVE-2023-52486, CVE-2024-50264, CVE-2024-45006,
CVE-2024-36941, CVE-2024-43856, CVE-2024-40912, CVE-2024-49967,
CVE-2024-53057, CVE-2024-26777, CVE-2024-36270, CVE-2024-26625,
CVE-2024-45021, CVE-2024-35886, CVE-2024-44947, CVE-2024-44944,
CVE-2024-35847, CVE-2024-40959, CVE-2024-42101, CVE-2024-38619)
USN-7169-4: Linux kernel (Azure) vulnerabilities
Read Time:14 Second
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Ext4 file system;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-49967, CVE-2024-53057, CVE-2024-50264)
USN-7196-1: Linux kernel (Azure) vulnerabilities
Read Time:8 Minute, 6 Second
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– MIPS architecture;
– PowerPC architecture;
– RISC-V architecture;
– S390 architecture;
– User-Mode Linux (UML);
– x86 architecture;
– Block layer subsystem;
– Android drivers;
– ATM drivers;
– Drivers core;
– Ublk userspace block driver;
– Bluetooth drivers;
– Character device driver;
– Hardware crypto device drivers;
– Buffer Sharing and Synchronization framework;
– DMA engine subsystem;
– Qualcomm firmware drivers;
– GPIO subsystem;
– GPU drivers;
– HID subsystem;
– Hardware monitoring drivers;
– I2C subsystem;
– I3C subsystem;
– IIO subsystem;
– InfiniBand drivers;
– Input Device core drivers;
– Input Device (Miscellaneous) drivers;
– IOMMU subsystem;
– IRQ chip drivers;
– LED subsystem;
– Mailbox framework;
– Multiple devices driver;
– Media drivers;
– Fastrpc Driver;
– VMware VMCI Driver;
– MMC subsystem;
– Ethernet bonding driver;
– Network drivers;
– Mellanox network drivers;
– Microsoft Azure Network Adapter (MANA) driver;
– Near Field Communication (NFC) drivers;
– NVME drivers;
– Device tree and open firmware driver;
– Parport drivers;
– PCI subsystem;
– Pin controllers subsystem;
– x86 platform drivers;
– Power supply drivers;
– Remote Processor subsystem;
– S/390 drivers;
– SCSI subsystem;
– QCOM SoC drivers;
– SPI subsystem;
– Direct Digital Synthesis drivers;
– Thunderbolt and USB4 drivers;
– TTY drivers;
– UFS subsystem;
– Userspace I/O drivers;
– DesignWare USB3 driver;
– USB Gadget drivers;
– USB Host Controller drivers;
– USB Type-C Connector System Software Interface driver;
– USB over IP driver;
– Virtio Host (VHOST) subsystem;
– Framebuffer layer;
– Xen hypervisor drivers;
– File systems infrastructure;
– BTRFS file system;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– Network file systems library;
– Network file system (NFS) client;
– Network file system (NFS) server daemon;
– NILFS2 file system;
– File system notification infrastructure;
– NTFS3 file system;
– Proc file system;
– SMB network file system;
– Tracing file system;
– Bitmap API;
– BPF subsystem;
– Memory Management;
– Objagg library;
– Perf events;
– Virtio network driver;
– VMware vSockets driver;
– KCM (Kernel Connection Multiplexor) sockets driver;
– Control group (cgroup);
– DMA mapping infrastructure;
– Locking primitives;
– Padata parallel execution mechanism;
– Scheduler infrastructure;
– Tracing infrastructure;
– Radix Tree data structure library;
– Kernel userspace event delivery library;
– KUnit for arithmetic overflow checks;
– Memory management;
– Bluetooth subsystem;
– Ethernet bridge;
– CAN network layer;
– Networking core;
– Ethtool driver;
– IPv4 networking;
– IPv6 networking;
– MAC80211 subsystem;
– Multipath TCP;
– Netfilter;
– Network traffic control;
– SCTP protocol;
– TIPC protocol;
– Wireless networking;
– AppArmor security module;
– Landlock security;
– SELinux security module;
– Simplified Mandatory Access Control Kernel framework;
– FireWire sound drivers;
– AMD SoC Alsa drivers;
– Texas InstrumentS Audio (ASoC/HDA) drivers;
– SoC Audio for Freescale CPUs drivers;
– Intel ASoC drivers;
– Amlogic Meson SoC drivers;
– SoC audio core drivers;
– USB sound devices;
– Real-Time Linux Analysis tools;
(CVE-2024-44979, CVE-2024-47658, CVE-2024-44970, CVE-2024-43913,
CVE-2024-46816, CVE-2024-46738, CVE-2024-46777, CVE-2024-46730,
CVE-2024-46811, CVE-2024-44954, CVE-2024-42317, CVE-2024-42279,
CVE-2024-45002, CVE-2024-43826, CVE-2024-44967, CVE-2024-46721,
CVE-2024-46763, CVE-2024-43856, CVE-2024-42284, CVE-2024-42289,
CVE-2024-46806, CVE-2024-46776, CVE-2024-43843, CVE-2024-42298,
CVE-2024-43832, CVE-2024-42321, CVE-2024-42292, CVE-2024-44982,
CVE-2024-43842, CVE-2024-46772, CVE-2024-46702, CVE-2024-45017,
CVE-2024-43888, CVE-2024-47683, CVE-2024-46714, CVE-2024-43899,
CVE-2024-45025, CVE-2024-46751, CVE-2024-45020, CVE-2024-44977,
CVE-2024-46853, CVE-2024-46753, CVE-2024-46792, CVE-2024-46675,
CVE-2024-46805, CVE-2024-43890, CVE-2024-46703, CVE-2024-43841,
CVE-2024-44960, CVE-2024-46846, CVE-2024-46798, CVE-2024-44965,
CVE-2024-46812, CVE-2024-43835, CVE-2024-43839, CVE-2024-43886,
CVE-2024-46843, CVE-2024-50264, CVE-2024-46706, CVE-2024-46851,
CVE-2024-46758, CVE-2024-45027, CVE-2024-43887, CVE-2024-42278,
CVE-2024-46701, CVE-2024-46708, CVE-2024-46817, CVE-2024-46871,
CVE-2024-46771, CVE-2024-42304, CVE-2024-43877, CVE-2024-44996,
CVE-2024-46741, CVE-2024-46842, CVE-2024-43902, CVE-2024-43818,
CVE-2024-47662, CVE-2024-44931, CVE-2024-46793, CVE-2024-46746,
CVE-2024-46782, CVE-2024-43914, CVE-2024-43824, CVE-2024-46767,
CVE-2024-43871, CVE-2024-44971, CVE-2024-47666, CVE-2024-45008,
CVE-2024-42263, CVE-2024-46815, CVE-2024-46824, CVE-2024-45015,
CVE-2024-45000, CVE-2024-46841, CVE-2024-46770, CVE-2024-44942,
CVE-2024-46679, CVE-2024-46724, CVE-2024-46759, CVE-2024-43845,
CVE-2024-46795, CVE-2024-46818, CVE-2024-44988, CVE-2024-46807,
CVE-2024-46787, CVE-2024-43894, CVE-2024-46803, CVE-2024-44947,
CVE-2024-46786, CVE-2024-46689, CVE-2024-46686, CVE-2024-42290,
CVE-2024-46868, CVE-2024-43857, CVE-2024-43909, CVE-2023-52889,
CVE-2024-44944, CVE-2024-44973, CVE-2024-43905, CVE-2024-44938,
CVE-2024-43864, CVE-2024-46850, CVE-2024-43867, CVE-2024-43819,
CVE-2024-46691, CVE-2024-47664, CVE-2024-46821, CVE-2024-46867,
CVE-2024-46716, CVE-2024-43881, CVE-2024-46788, CVE-2024-43912,
CVE-2024-43904, CVE-2024-46727, CVE-2024-46680, CVE-2024-44985,
CVE-2024-46813, CVE-2024-47668, CVE-2024-42277, CVE-2024-42291,
CVE-2024-45003, CVE-2024-42309, CVE-2024-44937, CVE-2024-44953,
CVE-2024-46718, CVE-2024-42276, CVE-2024-45028, CVE-2024-43863,
CVE-2024-46866, CVE-2024-42258, CVE-2024-42273, CVE-2024-46717,
CVE-2024-46797, CVE-2024-46854, CVE-2024-44972, CVE-2024-46791,
CVE-2024-45010, CVE-2024-43825, CVE-2024-46775, CVE-2024-46745,
CVE-2024-46808, CVE-2024-46831, CVE-2024-45018, CVE-2024-42319,
CVE-2024-46822, CVE-2024-43883, CVE-2024-46722, CVE-2024-46694,
CVE-2024-45009, CVE-2024-42320, CVE-2024-46825, CVE-2024-43821,
CVE-2024-46749, CVE-2024-45006, CVE-2024-43895, CVE-2024-44950,
CVE-2024-43827, CVE-2024-43876, CVE-2024-47659, CVE-2024-44989,
CVE-2024-46804, CVE-2024-46754, CVE-2024-46766, CVE-2024-46728,
CVE-2024-46828, CVE-2024-46826, CVE-2024-46810, CVE-2024-44963,
CVE-2024-44934, CVE-2024-43829, CVE-2024-42268, CVE-2024-43850,
CVE-2024-43853, CVE-2024-43854, CVE-2024-43892, CVE-2024-43859,
CVE-2024-42285, CVE-2024-44962, CVE-2024-46725, CVE-2024-46814,
CVE-2024-44935, CVE-2024-42264, CVE-2024-42260, CVE-2024-46858,
CVE-2024-46778, CVE-2024-46774, CVE-2024-46848, CVE-2024-45013,
CVE-2024-43837, CVE-2024-46683, CVE-2024-46757, CVE-2024-46726,
CVE-2024-43831, CVE-2024-46737, CVE-2024-43893, CVE-2024-46823,
CVE-2024-42302, CVE-2024-44990, CVE-2024-46755, CVE-2024-46707,
CVE-2024-43833, CVE-2024-44940, CVE-2024-42259, CVE-2024-46855,
CVE-2024-46827, CVE-2024-46809, CVE-2024-46836, CVE-2024-43907,
CVE-2024-42312, CVE-2024-46692, CVE-2024-42297, CVE-2024-46864,
CVE-2024-42299, CVE-2024-45011, CVE-2024-46838, CVE-2024-44993,
CVE-2024-46802, CVE-2024-44966, CVE-2024-46739, CVE-2024-46780,
CVE-2024-44961, CVE-2024-42316, CVE-2024-47660, CVE-2024-46859,
CVE-2024-46762, CVE-2024-43861, CVE-2024-45012, CVE-2024-46784,
CVE-2024-43908, CVE-2024-46832, CVE-2024-44969, CVE-2024-46750,
CVE-2024-44958, CVE-2024-46740, CVE-2024-46829, CVE-2024-43873,
CVE-2024-49984, CVE-2024-44983, CVE-2024-42288, CVE-2024-46735,
CVE-2024-46676, CVE-2024-43823, CVE-2024-46779, CVE-2024-46744,
CVE-2024-42310, CVE-2024-44980, CVE-2024-46870, CVE-2024-42307,
CVE-2024-46768, CVE-2024-44984, CVE-2024-45007, CVE-2024-46710,
CVE-2024-44978, CVE-2024-46723, CVE-2024-46845, CVE-2024-44999,
CVE-2024-42311, CVE-2024-43884, CVE-2024-44939, CVE-2024-44974,
CVE-2024-42314, CVE-2024-42318, CVE-2024-39472, CVE-2024-46693,
CVE-2024-46794, CVE-2024-46844, CVE-2024-46695, CVE-2024-46720,
CVE-2024-46860, CVE-2024-46835, CVE-2024-47665, CVE-2024-46715,
CVE-2024-42305, CVE-2024-46773, CVE-2024-45030, CVE-2024-46697,
CVE-2024-46705, CVE-2024-42286, CVE-2024-46834, CVE-2024-46681,
CVE-2024-53057, CVE-2024-42303, CVE-2024-46678, CVE-2024-46756,
CVE-2023-52918, CVE-2024-43860, CVE-2024-43911, CVE-2024-43880,
CVE-2024-43910, CVE-2024-44975, CVE-2024-44959, CVE-2024-46747,
CVE-2024-43846, CVE-2024-42274, CVE-2024-46672, CVE-2024-43852,
CVE-2024-46709, CVE-2024-42306, CVE-2024-42281, CVE-2024-46849,
CVE-2024-46719, CVE-2024-43830, CVE-2024-46685, CVE-2024-44998,
CVE-2024-42313, CVE-2024-43820, CVE-2024-44991, CVE-2024-47674,
CVE-2024-46785, CVE-2024-45021, CVE-2024-46677, CVE-2024-43870,
CVE-2024-46698, CVE-2024-43900, CVE-2024-44956, CVE-2024-43849,
CVE-2024-46687, CVE-2024-42296, CVE-2024-46830, CVE-2024-47669,
CVE-2024-46732, CVE-2024-46733, CVE-2024-46852, CVE-2024-43906,
CVE-2024-43847, CVE-2024-42294, CVE-2024-46731, CVE-2024-45029,
CVE-2024-47667, CVE-2024-42272, CVE-2024-45022, CVE-2024-43879,
CVE-2024-46765, CVE-2024-45026, CVE-2024-44986, CVE-2024-44995,
CVE-2024-47663, CVE-2024-42262, CVE-2024-43889, CVE-2024-44987,
CVE-2024-43866, CVE-2024-42265, CVE-2024-46847, CVE-2024-46673,
CVE-2024-46783, CVE-2024-46761, CVE-2024-46840, CVE-2024-42301,
CVE-2024-43868, CVE-2024-45005, CVE-2024-42322, CVE-2024-43828,
CVE-2024-43834, CVE-2024-43891, CVE-2024-46861, CVE-2024-42261,
CVE-2024-43875, CVE-2024-43840, CVE-2024-42287, CVE-2024-46752,
CVE-2024-46711, CVE-2024-46713, CVE-2024-44943, CVE-2024-46743,
CVE-2024-43869, CVE-2024-46781, CVE-2024-44946, CVE-2024-42283,
CVE-2024-47661, CVE-2024-43817, CVE-2024-46819, CVE-2024-42267,
CVE-2024-46729, CVE-2024-46857, CVE-2024-42295, CVE-2024-46760,
CVE-2024-42315, CVE-2024-45019, CVE-2024-44948, CVE-2024-44941,
CVE-2024-42269, CVE-2024-44957, CVE-2024-49967)
USN-7195-1: Linux kernel (Azure) vulnerabilities
Read Time:1 Minute, 15 Second
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM32 architecture;
– ARM64 architecture;
– S390 architecture;
– x86 architecture;
– Power management core;
– GPU drivers;
– InfiniBand drivers;
– Network drivers;
– S/390 drivers;
– SCSI subsystem;
– TTY drivers;
– BTRFS file system;
– Ext4 file system;
– EROFS file system;
– F2FS file system;
– File systems infrastructure;
– BPF subsystem;
– Socket messages infrastructure;
– Bluetooth subsystem;
– Memory management;
– Amateur Radio drivers;
– Ethernet bridge;
– Networking core;
– IPv4 networking;
– Network traffic control;
– Sun RPC protocol;
– VMware vSockets driver;
– SELinux security module;
(CVE-2024-42240, CVE-2024-36938, CVE-2024-35967, CVE-2024-36953,
CVE-2022-48938, CVE-2024-38553, CVE-2024-35904, CVE-2024-35965,
CVE-2024-26947, CVE-2024-36968, CVE-2024-43892, CVE-2024-38597,
CVE-2023-52498, CVE-2021-47501, CVE-2024-44942, CVE-2024-42077,
CVE-2024-53057, CVE-2024-46724, CVE-2024-35963, CVE-2022-48943,
CVE-2024-42068, CVE-2024-42156, CVE-2022-48733, CVE-2023-52639,
CVE-2021-47101, CVE-2023-52821, CVE-2024-44940, CVE-2024-36952,
CVE-2021-47001, CVE-2024-38538, CVE-2024-40910, CVE-2021-47076,
CVE-2024-35966, CVE-2024-50264, CVE-2024-35951, CVE-2023-52488,
CVE-2023-52497, CVE-2024-49967)