ELSA-2025-20365: Unbreakable Enterprise kernel security update (IMPORTANT)

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the HID over GATT Profile. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25177.

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the HID over GATT Profile. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25177.

BlueZ HID over GATT Profile Improper Access Control Remote Code Execut ...

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Exposure of Sensitive Information in Shared Microarchitectural Structu ...

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the HID over GATT Profile. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25177.

Уязвимость интерфейса HID Profile (Human Interface Device) стека протоколов Bluetooth для ОС Linux BlueZ, позволяющая нарушителю выполнить произвольные команды

Security update for xen

Security update for xen

Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

ELSA-2025-20368: Unbreakable Enterprise kernel security update (IMPORTANT)

ELSA-2025-20323: Unbreakable Enterprise kernel security update (IMPORTANT)

ELSA-2025-20318: Unbreakable Enterprise kernel security update (IMPORTANT)

ELSA-2025-10991: microcode_ctl security update (MODERATE)

ELSA-2025-10108: microcode_ctl security update (MODERATE)

Уязвимость микропрограммного обеспечения процессоров Intel, связанная с раскрытием информации, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)