CVE-2025-23132 f2fs: quota: fix to avoid warning in dquot_writeback_dquots()

In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix to avoid warning in dquotwritebackdquots F2FS-fs dm-59: checkpoint=enable has some unwritten data. ------------ cut here ------------ WARNING: CPU: 6 PID: 8013 at fs/quota/dquot.c:691...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the loadweightckpt function. An attacker can manipulate the deserialization process by providing malicious input to the PT File Handler component. Remediation There is no fixed version for lmdeploy...

CVE-2025-3162 InternLM LMDeploy PT File utils.py load_weight_ckpt deserialization

A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been classified as critical. Affected is the function loadweightckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the component PT File Handler. The manipulation leads to deserialization. Attacking locally is a requirement...

PT-2025-14773 · Unknown · Thu-Pacman Chitu

Name of the Vulnerable Software and Affected Versions: thu-pacman chitu version 0.1.0 Description: A critical vulnerability has been found in thu-pacman chitu. This issue affects the torch.load function in the file chitu/chitu/backend.py. The manipulation of the ckpt path/quant ckpt dir argument...

Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft

Credential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how…...

OESA-2025-1273 kubernetes security update

Container cluster management. Security Fixes: A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.CVE-2025-0426...

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

...

USN-7338-1 openjdk-17-crac vulnerabilities

Andy Boothe discovered that the Networking component of CRaC JDK 17 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. CVE-2024-21208 It was discovered that the Hotspot component of CRaC JDK 17 did no...

OESA-2025-1259 kubernetes security update

Container cluster management. Security Fixes: A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.CVE-2025-0426...

Linux Distros Unpatched Vulnerability : CVE-2023-52588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data...

cri-o: Checkpoint restore can be triggered from different namespaces

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.2 packages and security update

Red Hat OpenShift Container Platform release 4.18.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

GO-2025-3465 Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes

Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes...

SUSE CVE-2022-49360

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...

DEBIAN-CVE-2022-49360

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is shown below: kernel BUG at fs/f2fs/segment.c:2560! Call Trace:...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919 PoC 🚀 🔥 Description This script automates...

CVE-2022-49170

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg-alloctype As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215657 - Overview UBSAN: array-index-out-of-bounds in fs/f2fs/segment.c:3460:2 when mount and operat...

CVE-2025-0426

A flaw was found in Kubernetes. A large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may fill the Node's disk, potentially leading to a Node denial of service. Mitigation To mitigate this vulnerability, disable the kubelet read-only port by...

Node Denial of Service via kubelet Checkpoint API

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...

GHSA-JGFP-53C3-624W Node Denial of Service via kubelet Checkpoint API

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk...