security patch

A subtle change in the Linux kernel networking stack — switching get_netdev_for_sock to use __sk_dst_get and dst_dev_rcu — was published as CVE-2025-40149 and patches were merged upstream to remove a potential use‑after‑free (UAF) when callers accessed a transient device pointer outside an RCU...

The Linux kernel disclosure tracked as CVE-2024-49945 fixes a subtle but meaningful resource-management bug in the Network Controller Sideband Interface (NCSI) driver: the kernel was freeing an NCSI device structure while a scheduled work item could still run against it, creating a classic...

The Linux kernel vulnerability CVE-2024-1151 is a stack‑overflow defect in the Open vSwitch (OVS) kernel module that can be triggered by recursive action operations and yields a reliable denial‑of‑service (DoS) — an attacker who can reach the OVS control path can cause the kernel to crash or the...

A small but consequential defensive change landed in the Linux kernel’s AMD DRM display stack to eliminate a reliable kernel crash primitive: the patch adds a null check for pipe_ctx->plane_state inside dcn20_program_pipe, preventing a NULL-pointer dereference that could produce a driver oops...

A small, surgical change to the AMD display driver in the Linux kernel patched a deterministic NULL-pointer dereference that could crash systems when specific display code paths were exercised, and the fix — while tiny in code — is operationally significant because it removes a reliable...

The Linux kernel fix for CVE-2025-21786 corrects a subtle but dangerous ordering error in the workqueue cleanup path that created a use-after-free window: the patch moves the code that drops the workqueue pool reference (pwq) so it happens only after the rescuer thread has been detached from the...

A subtle NULL-pointer bug in the Linux ACPI code — tracked as CVE-2024-56782 — has been patched upstream but remains a live operational concern for many deployments because it can trigger kernel crashes and sustained denial-of-service conditions when certain local device paths are exercised...

A carefully placed mutex change in the Qualcomm MSM display driver (drm/msm/dpu) fixed a subtle — but high-impact — race that could let unprivileged code crash the kernel by toggling vblank handling from multiple threads, and the fix should be treated as a high-priority kernel update for any...

The Linux kernel has closed a small but consequential memory‑safety gap in the HFS driver: CVE‑2025‑40243 fixes a KMSAN‑reported uninitialized‑value read in hfs_find_set_zero_bits by ensuring the HFS volume bitmap is allocated zeroed (kzalloc) instead of with kmalloc, removing a source of...

A recently disclosed Linux kernel vulnerability, tracked as CVE‑2025‑40251, stems from a small but consequential oversight in devlink’s rate node teardown logic: the function devl_rate_nodes_destroy failed to clear the devlink_rate->parent pointer after decrementing the parent's reference count...

A newly disclosed Linux kernel vulnerability, tracked as CVE-2025-40219, fixes a long-standing race and locking gap in the kernel’s PCI I/O virtualization (PCI/IOV) SR-IOV code: enabling and disabling SR-IOV did not take the global PCI “rescan‑remove” serialization lock, allowing concurrent...

A small, surgical patch landed upstream this month to fix CVE-2023-53248 — a Linux kernel flaw in the AMDGPU DRM driver that could let the kernel hit a NULL dereference when waiting on page-table update fences, producing a denial-of-service condition on affected systems; the remediation is...

A critical unauthenticated data-injection flaw in Fluent Bit’s forward input plugin has been publicly cataloged as CVE-2025-12969; the bug lets an attacker who can reach a Fluent Bit forward listener send unauthenticated records by bypassing the configured security.users control, enabling forged...

A newly disclosed high‑severity vulnerability in the popular JavaScript cryptography library node‑forge (tracked as CVE‑2025‑66031) enables unbounded ASN.1 recursion that can be trivially abused to crash Node.js processes parsing untrusted DER inputs — and the fix landed quickly in node‑forge...

OpenPrinting’s CUPS received a security update on November 27–29, 2025 after a stack-based out‑of‑bounds write (CWE‑124 / CWE‑129) was found in the cupsd configuration parser that lets a local lpadmin user inject a malicious IPv6 fragment into cupsd.conf through the web UI — an input‑validation...

A new Microsoft Security Response Center advisory published on November 11, 2025, documents CVE‑2025‑59510 — a local denial‑of‑service (DoS) vulnerability in Windows Routing and Remote Access Service (RRAS) that stems from improper link resolution (symlink or "link following") before file...

Microsoft has recorded CVE-2025-62213 as a use‑after‑free elevation‑of‑privilege in the Windows Ancillary Function Driver for WinSock (afd.sys), a kernel‑mode networking component, and administrators are urged to apply the vendor's security update immediately to close a local post‑compromise...

Microsoft’s advisory for a spoofing vulnerability affecting Dynamics 365 Field Service (online) is terse, dynamically rendered in the Microsoft Security Update Guide, and — as currently available in public mirrors — leaves important technical details unconfirmed; administrators must treat the...

Microsoft has published an advisory for CVE-2025-47179, a Configuration Manager elevation‑of‑privilege issue that affects on‑premises Microsoft Configuration Manager installations and requires immediate attention from administrators responsible for management‑plane infrastructure. Overview...

Microsoft’s advisory listing for CVE-2025-62216 describes a Microsoft Office vulnerability that can result in remote code execution when a crafted Office document is processed on an endpoint — a serious finding that demands immediate, prioritized mitigation across both corporate and consumer...