PT-2025-53251

Name of the Vulnerable Software and Affected Versions Icegram Icegram Express Pro versions through 5.9.11 Description A flaw exists in Icegram Icegram Express Pro email-subscribers-premium related to the deserialization of untrusted data, potentially leading to object injection. Recommendations...

PT-2025-53185

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the qla2xxx SCSI driver related to DMA-API calls on NVMe LS requests. A warning message and call trace were observed in debug kernels indicating...

CVE-2025-68341 veth: reduce XDP no_direct return section to fix race

In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP nodirect return section to fix race As explain in commit fa349e396e48 "veth: Fix race with AFXDP exposing old or uninitialized descriptors" for veth there is a chance after napicompletedone that another CPU can...

CVE-2025-68341

The CVE concerns a race in the Linux kernel veth path when using XDP with AF_XDP in threaded-NAPI mode. The root cause is a concurrency hazard in veth_pool() where two NAPI activations or teardowns may operate on the same BPF net context stored in the current task_struct after a PREEMPT_RT-relate...

K000158850: PCIe IDE protocol specification vulnerabilities CVE-2025-9612, CVE-2025-9613, and CVE-2025-9614

Security Advisory Description CVE-2025-9612 An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without...

CVE-2025-62863

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVE-2025-14674

A vulnerability was found in aizuda snail-job up to 1.6.0. Affected by this vulnerability is the function QLExpressEngine.doEval of the file snail-job-common/snail-job-common-core/src/main/java/com/aizuda/snailjob/common/core/expression/strategy/QLExpressEngine.java. The manipulation results in...

CVE-2025-14304 ASRock, ASRockRack, ASRockInd｜Motherboard - Protection Mechanism Failure

Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd. has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory...

CVE-2025-14303 MSI｜Motherboard - Protection Mechanism Failure

Certain motherboard models developed by MSI has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are...

PT-2025-51800

Name of the Vulnerable Software and Affected Versions GIGABYTE motherboard models affected versions not specified Description A protection mechanism failure exists in certain GIGABYTE motherboard models due to improperly enabled IOMMU. This allows unauthenticated physical attackers with a...

CVE-2025-62863

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space...

CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

UBUNTU-CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

CVE-2025-68176

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

UBUNTU-CVE-2025-68176

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

CVE-2025-68176 PCI: cadence: Check for the existence of cdns_pcie::ops before using it

In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming Sophgo platform which doesn't set the ops...

Ampere Computing多款产品 安全漏洞

Ampere Computing AmpereOne AC03 and others are a processor chip from Ampere Computing, USA. A security vulnerability exists in various Ampere Computing products, which stems from an SMC call format error that could result in an out-of-bounds write to the PCIe driver S-EL0 address space. The...

PT-2025-51755

Name of the Vulnerable Software and Affected Versions AmpereOne AC03 versions prior to 3.5.9.3 AmpereOne AC04 versions prior to 4.4.5.2 AmpereOne M versions prior to 5.4.5.1 Description The software contains a flaw where an incorrectly formed System Management Call SMC to the UEFI-MM PCIe driver...