4 hours 34 minutes ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
(CVE-2023-52975, CVE-2024-38541, CVE-2025-37797, CVE-2024-49950,
CVE-2024-50073, CVE-2023-52757, CVE-2025-38083)
5 hours 46 minutes ago
Version:next-20250821 (linux-next)
Released:2025-08-21
8 hours 3 minutes ago
16 hours 50 minutes ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38079, CVE-2025-38048, CVE-2025-38075, CVE-2025-38077,
CVE-2025-38035, CVE-2025-38037, CVE-2025-38034, CVE-2025-38058,
CVE-2025-38004, CVE-2025-38031, CVE-2025-38078, CVE-2025-38044,
CVE-2025-38066, CVE-2025-38052, CVE-2025-38043, CVE-2025-38065,
CVE-2025-38003, CVE-2025-38061, CVE-2025-38051, CVE-2025-38072,
CVE-2025-38068)
17 hours 8 minutes ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Input Device (Mouse) drivers;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- PCI subsystem;
- S/390 drivers;
- SPI subsystem;
- Trusted Execution Environment drivers;
- UFS subsystem;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- Framebuffer layer;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- File systems infrastructure;
- SMB network file system;
- Networking core;
- L3 Master device support module;
- TCP network protocol;
- io_uring subsystem;
- Process Accounting mechanism;
- BPF subsystem;
- Timer subsystem;
- Workqueue subsystem;
- Memory management;
- Amateur Radio drivers;
- B.A.T.M.A.N. meshing protocol;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Open vSwitch;
- Network traffic control;
- SOF drivers;
(CVE-2025-21776, CVE-2025-21768, CVE-2025-21848, CVE-2025-21855,
CVE-2025-21791, CVE-2025-21838, CVE-2025-21762, CVE-2025-21846,
CVE-2025-21765, CVE-2025-21869, CVE-2025-21783, CVE-2025-21868,
CVE-2025-21857, CVE-2025-21773, CVE-2024-54458, CVE-2025-21871,
CVE-2025-21763, CVE-2024-58088, CVE-2025-21835, CVE-2025-21793,
CVE-2025-21867, CVE-2025-21784, CVE-2025-21839, CVE-2025-21786,
CVE-2025-21764, CVE-2025-21761, CVE-2025-21767, CVE-2024-58020,
CVE-2025-21847, CVE-2025-21792, CVE-2025-21785, CVE-2025-21863,
CVE-2025-21854, CVE-2025-21704, CVE-2024-52559, CVE-2025-21775,
CVE-2025-21758, CVE-2025-21858, CVE-2025-21866, CVE-2025-21870,
CVE-2024-57977, CVE-2024-54456, CVE-2025-21759, CVE-2025-21781,
CVE-2025-21760, CVE-2025-21706, CVE-2024-57834, CVE-2025-21712,
CVE-2025-21864, CVE-2025-21780, CVE-2025-21790, CVE-2025-21856,
CVE-2025-21796, CVE-2025-21859, CVE-2025-21782, CVE-2024-58093,
CVE-2025-21844, CVE-2025-21795, CVE-2025-21823, CVE-2025-21853,
CVE-2025-21772, CVE-2025-21746, CVE-2025-21821, CVE-2024-58086,
CVE-2025-21787, CVE-2025-21836, CVE-2025-21861, CVE-2025-21766,
CVE-2025-21862, CVE-2025-21779)
17 hours 25 minutes ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- RISC-V architecture;
- x86 architecture;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- GPU drivers;
- HID subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Network drivers;
- Mellanox network drivers;
- PHY drivers;
- Voltage and Current Regulator drivers;
- VideoCore services drivers;
- USB Type-C Connector System Software Interface driver;
- Xen hypervisor drivers;
- EROFS file system;
- Network file system (NFS) client;
- File systems infrastructure;
- SMB network file system;
- Network traffic control;
- io_uring subsystem;
- Kernel command line parsing driver;
- Scheduler infrastructure;
- Memory management;
- Networking core;
- MAC80211 subsystem;
- Management Component Transport Protocol (MCTP);
- Netfilter;
- Open vSwitch;
- TLS protocol;
- Wireless networking;
- SOF drivers;
(CVE-2025-38011, CVE-2025-38095, CVE-2025-37967, CVE-2025-38012,
CVE-2025-38019, CVE-2025-37960, CVE-2025-37973, CVE-2025-37958,
CVE-2025-38094, CVE-2025-37963, CVE-2025-37955, CVE-2025-38014,
CVE-2025-38025, CVE-2025-37970, CVE-2025-37947, CVE-2025-37966,
CVE-2025-37948, CVE-2025-38013, CVE-2025-37957, CVE-2025-38028,
CVE-2025-37962, CVE-2025-38002, CVE-2025-37996, CVE-2025-37992,
CVE-2025-37969, CVE-2025-38009, CVE-2025-38027, CVE-2025-38020,
CVE-2025-38023, CVE-2025-38008, CVE-2025-38015, CVE-2025-37954,
CVE-2025-38007, CVE-2025-38005, CVE-2025-37956, CVE-2025-37965,
CVE-2025-37972, CVE-2025-38006, CVE-2025-37971, CVE-2025-38056,
CVE-2025-37968, CVE-2025-38024, CVE-2025-37951, CVE-2025-38016,
CVE-2025-38022, CVE-2025-37964, CVE-2025-37994, CVE-2025-37952,
CVE-2025-37998, CVE-2025-37993, CVE-2025-38018, CVE-2025-38010,
CVE-2025-37995, CVE-2025-38021, CVE-2025-37999, CVE-2025-37961,
CVE-2025-37959, CVE-2025-37950, CVE-2025-37949)
19 hours 20 minutes ago
19 hours 26 minutes ago
19 hours 29 minutes ago
20 hours 28 minutes ago
It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this issue to cause a denial of service.
21 hours 18 minutes ago
It was discovered that LibTIFF incorrectly handled certain memory
operations when using tiffmedian tool. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this
issue to cause a denial of service. (CVE-2025-8176)
It was discovered that LibTIFF did not properly perform bounds checking
in certain operations when using thumbnail tool. An attacker could trick
a user into processing a specially crafted tiff image file and
potentially use this issue to cause a denial of service. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2025-8177)
It was discovered that LibTIFF incorrectly handled certain memory
operations when using tiff2ps tool. An attacker could trick a user into
processing a specially crafted tiff image file and potentially use this
issue to cause a denial of service. (CVE-2025-8534)
It was discovered that LibTIFF did not properly perform bounds checking
in certain operations when using tiffcrop tool. An attacker could trick
a user into processing a specially crafted tiff image file and
potentially use this issue to cause a denial of service. (CVE-2025-8851)
1 day 4 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
(CVE-2023-52757, CVE-2024-49950, CVE-2024-38541, CVE-2023-52975,
CVE-2024-50073, CVE-2025-38083, CVE-2025-37797)
1 day 4 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network traffic control;
(CVE-2025-38083, CVE-2025-37797)
1 day 6 hours ago
It was discovered that Ceph incorrectly handled read-only permissions. An
authenticated attacker could use this issue to obtain dm-crypt encryption
keys. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-14662)
Sergey Bobrov discovered that Ceph’s RadosGW (Ceph Object Gateway) allowed
the injection of HTTP headers in responses to CORS requests. An attacker
could possibly use this issue to compromise system integrity. This issue
only
affected Ubuntu 16.04 LTS. (CVE-2021-3524)
1 day 7 hours ago
Version:next-20250820 (linux-next)
Released:2025-08-20
1 day 8 hours ago
1 day 11 hours ago
It was discovered that Tomcat did not correctly handle case sensitivity.
An attacker could possibly use this issue to bypass authentication
mechanisms. (CVE-2025-46701)
Elysee Franchuk discovered that Tomcat did not correctly limit the number
of attributes for a session. An attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 24.04 LTS.
(CVE-2024-54677)
It was discovered that Tomcat did not correctly sanitize certain URLs. An
attacker could possibly use this issue to bypass authentication
mechanisms. (CVE-2025-31651)
It was discovered that Tomcat did not correctly handle certain malformed
HTTP headers,
which could lead to a memory leak. An attacker could possibly use this
issue to cause a denial of service. This issue only affected
Ubuntu 24.04 LTS. (CVE-2025-31650)
It was discovered that Tomcat did not correctly handle concurrent
operations under certain circumstances. An attacker could possibly use
this issue to execute arbitrary code. This issue only affected
Ubuntu 24.04 LTS. (CVE-2024-50379)
It was discovered that Tomcat did not correctly handle certain
authentication errors. An attacker could possibly use this issue to
bypass authentication mechanisms. This issue only affected
Ubuntu 24.04 LTS. (CVE-2024-52316)
1 day 12 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38079, CVE-2025-38048, CVE-2025-38075, CVE-2025-38077,
CVE-2025-38035, CVE-2025-38037, CVE-2025-38034, CVE-2025-38058,
CVE-2025-38004, CVE-2025-38031, CVE-2025-38078, CVE-2025-38044,
CVE-2025-38066, CVE-2025-38052, CVE-2025-38043, CVE-2025-38065,
CVE-2025-38003, CVE-2025-38061, CVE-2025-38051, CVE-2025-38072,
CVE-2025-38068)
1 day 12 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38052, CVE-2025-38078, CVE-2025-38079, CVE-2025-38061,
CVE-2025-38044, CVE-2025-38065, CVE-2025-38043, CVE-2025-38034,
CVE-2025-38037, CVE-2025-38048, CVE-2025-38066, CVE-2025-38003,
CVE-2025-38058, CVE-2025-38075, CVE-2025-38077, CVE-2025-38051,
CVE-2025-38031, CVE-2025-38035, CVE-2025-38072, CVE-2025-38004,
CVE-2025-38068)
1 day 14 hours ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Input Device (Mouse) drivers;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- PCI subsystem;
- S/390 drivers;
- SPI subsystem;
- Trusted Execution Environment drivers;
- UFS subsystem;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- Framebuffer layer;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- File systems infrastructure;
- SMB network file system;
- Networking core;
- L3 Master device support module;
- TCP network protocol;
- io_uring subsystem;
- Process Accounting mechanism;
- BPF subsystem;
- Timer subsystem;
- Workqueue subsystem;
- Memory management;
- Amateur Radio drivers;
- B.A.T.M.A.N. meshing protocol;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Open vSwitch;
- Network traffic control;
- SOF drivers;
(CVE-2025-21776, CVE-2025-21768, CVE-2025-21848, CVE-2025-21855,
CVE-2025-21791, CVE-2025-21838, CVE-2025-21762, CVE-2025-21846,
CVE-2025-21765, CVE-2025-21869, CVE-2025-21783, CVE-2025-21868,
CVE-2025-21857, CVE-2025-21773, CVE-2024-54458, CVE-2025-21871,
CVE-2025-21763, CVE-2024-58088, CVE-2025-21835, CVE-2025-21793,
CVE-2025-21867, CVE-2025-21784, CVE-2025-21839, CVE-2025-21786,
CVE-2025-21764, CVE-2025-21761, CVE-2025-21767, CVE-2024-58020,
CVE-2025-21847, CVE-2025-21792, CVE-2025-21785, CVE-2025-21863,
CVE-2025-21854, CVE-2025-21704, CVE-2024-52559, CVE-2025-21775,
CVE-2025-21758, CVE-2025-21858, CVE-2025-21866, CVE-2025-21870,
CVE-2024-57977, CVE-2024-54456, CVE-2025-21759, CVE-2025-21781,
CVE-2025-21760, CVE-2025-21706, CVE-2024-57834, CVE-2025-21712,
CVE-2025-21864, CVE-2025-21780, CVE-2025-21790, CVE-2025-21856,
CVE-2025-21796, CVE-2025-21859, CVE-2025-21782, CVE-2024-58093,
CVE-2025-21844, CVE-2025-21795, CVE-2025-21823, CVE-2025-21853,
CVE-2025-21772, CVE-2025-21746, CVE-2025-21821, CVE-2024-58086,
CVE-2025-21787, CVE-2025-21836, CVE-2025-21861, CVE-2025-21766,
CVE-2025-21862, CVE-2025-21779)