Windows update

  1. CVE-2025-39901 i40e: remove read access to debugfs files

    Information published.

  2. CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

    Information published.

  3. CVE-2025-39863 wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work

    Information published.

  4. CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects

    Information published.

  5. CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog

    Information published.

  6. CVE-2023-53370 drm/amdgpu: fix memory leak in mes self test

    Information published.

  7. CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object

    Information published.

  8. CVE-2025-39886 bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()

    Information published.

  9. CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED

    Information published.

  10. CVE-2022-50393 drm/amdgpu: SDMA update use unlocked iterator

    Information published.

  11. CVE-2022-50418 wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()

    Information published.

  12. CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create

    Information published.

  13. CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes

    Information published.

  14. CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()

    Information published.

  15. CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev

    Information published.

  16. CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free

    Information published.

  17. CVE-2025-61663 Grub2: missing unregister call for normal commands may lead to use-after-free

    Information published.

  18. CVE-2025-61661 Grub2: grub2: out-of-bounds write via malicious usb device

    Information published.

  19. CVE-2025-61664 Grub2: missing unregister call for normal_exit command may lead to use-after-free

    Information published.

  20. CVE-2025-14087 Glib: glib: buffer underflow in gvariant parser leads to heap corruption

    Information published.

  21. CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509

    Information published.

  22. CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509

    Information published.

  23. CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow

    Information published.

  24. CVE-2025-14523 Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)

    Information published.

  25. CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames

    Information published.

  26. CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1

    Information published.

  27. CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509

    Information published.

  28. CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler

    Information published.

  29. CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar

    Information published.

  30. CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail

    Information published.

  31. CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url

    Information published.

  32. CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http

    Information published.

  33. CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto

    Information published.

  34. CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem

    Information published.

  35. CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509

    Information published.

  36. CVE-2025-62468 Windows Defender Firewall Service Information Disclosure Vulnerability

    Corrected CVSS Privileges metric to PR:L, corrected Exploitability assessment to Expoitation More Likely, and updated FAQs. These are informational changes only.

  37. CVE-2025-49178 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore

    Information published.

  38. CVE-2025-49175 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors

    Information published.

  39. CVE-2025-49176 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension

    Information published.

  40. CVE-2025-49177 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: data leak in xfixes extension's xfixessetclientdisconnectmode

    Information published.

  41. CVE-2025-49179 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension

    Information published.

  42. CVE-2025-49180 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension

    Information published.

  43. CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509

    Information published.

  44. CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509

    Information published.

  45. CVE-2023-45284 Incorrect detection of reserved device names on Windows in path/filepath

    Information published.

  46. CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1

    Information published.

  47. CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509

    Information published.

  48. CVE-2025-39927 ceph: fix race condition validating r_parent before applying state

    Information published.

  49. CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar

    Information published.

  50. CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail

    Information published.

Приглашаю на лучшие дистанционные курсы повышения квалификации, курсы профессиональной переподготовки и курсы по специальностям на проверенной образовательной платформе «Знанио».

Воспользуйтесь моим купоном «9954514» при оформлении заказа, чтобы получить скидку -50% на https://znanio.ru на все курсы и другие услуги портала.

Прогноз погоды в Анадырь
world-weather.ru