cve 2025 62455

A null-pointer robustness fix in the Linux kernel’s DaVinci clock driver — tracked as CVE‑2025‑38635 — has been published and patched upstream; Microsoft’s public advisory confirms Azure Linux as a confirmed carrier but does not, and cannot, by that statement alone guarantee that no other...

A null-pointer dereference bug in the Linux kernel’s ATM “clip” code — tracked as CVE-2025-38458 — has been fixed upstream, and Microsoft’s Security Response Center (MSRC) has published a short product-level attestation saying Azure Linux includes this open‑source library and is therefore...

HDF5 1.14.6 contains a heap buffer overflow in the Scale‑Offset filter (H5Z__filter_scaleoffset) that can be triggered by malformed HDF5 files and has been assigned CVE‑2025‑44905, creating a realistic denial‑of‑service and memory‑corruption risk for any software or service that reads untrusted...

Microsoft has acknowledged that the December 9–12, 2025 cumulative update for Windows 10 (notably KB5071546 for 22H2 ESU builds) introduced a regression that breaks Microsoft Message Queuing (MSMQ) by changing the component’s filesystem security semantics, causing queues to go inactive and...

Microsoft’s December Patch Tuesday has produced a painful and immediate headache for enterprises that still rely on Microsoft Message Queuing (MSMQ): multiple cumulative updates released on December 9–11, 2025 changed MSMQ’s filesystem security semantics and, in many environments, prevented...

Microsoft has published an advisory for CVE-2025-62455, a newly recorded elevation-of-privilege vulnerability in Microsoft Message Queuing (MSMQ) that affects installations where the MSMQ component is present and accessible; the vendor entry confirms the vulnerability identifier but offers only...