CVE-2025-21487 Buffer Over-read in Data Network Stack & Connectivity

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length...

CVE-2025-21487

CVE-2025-21487 concerns information disclosure in Qualcomm closed‑source components due to incorrect handling of RTP payload length when decoding packets. The root cause is a buffer length mismatch that can lead to over-read and leakage of information from the UE. The vulnerability is categorized...

CVE-2025-21484 Buffer Over-read in Data Network Stack & Connectivity

Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet...

CVE-2025-21484

CVE-2025-21484 is an information-disclosure issue described as a buffer over-read in the Qualcomm data-network stack, triggered when a User Equipment (UE) decodes and reassembles RTP fragments received over the network. Public descriptions consistently state that the vulnerability causes informat...

CVE-2025-21483 Improper Restriction of Operations within the Bounds of a Memory Buffer in Data Network Stack & Connectivity

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs...

CVE-2025-21483 Improper Restriction of Operations within the Bounds of a Memory Buffer in Data Network Stack & Connectivity

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. CVE-2022-50116: tty: ngsm: fix deadlock and link starvation in outgoing data path...

CVE-2025-54093

Time-of-check time-of-use toctou race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

This is a rather flaky poc for CVE-2024-38063, a RCE in tcpip.sys patched on August 13th 2024. I didn't find and report this vuln, that would be Wei. requirements pip3 install scapy usage Modify the fields in the script: - iface tcpip!Ipv6pProcessOptions - tcpip!IppSendErrorList being hit? - Brea...

CVE-2025-39703 net, hsr: reject HSR frame if skb can't hold tag

In the Linux kernel, the following vulnerability has been resolved: net, hsr: reject HSR frame if skb can't hold tag Receiving HSR frame with insufficient space to hold HSR tag in the skb can result in a crash kernel BUG: 45.390915 skbuff: skbunderpanic: text:ffffffff86f32cac len:26 put:14...

CVE-2025-38718

CVE-2025-38718 affects the Linux kernel SCTP implementation. The issue arises when cloning head skbs with fraglists, causing use-after-likes from sharing frag skbs and leading to uninitialized-value bugs (KMSAN) in sctp_inq_pop and related code paths. The fix patches sctp_rcv() to linearize clone...

net: appletalk: Fix device refcount leak in atrtr_create()

...

ROS-20250829-04

A vulnerability in a network stack designed to manage Netavark container networks is related to the removal of the of the dns.podman search domain. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive information...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

SUSE CVE-2025-38622

In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...

Linux Distros Unpatched Vulnerability : CVE-2023-52991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skbsegmentlist Commit 3a1296a38d0c net: Support GRO/GSO fraglist...

Linux Distros Unpatched Vulnerability : CVE-2017-9242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may...

gvisor-tap-vsock security update

An update is available for gvisor-tap-vsock. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A replacement for libslirp and VPNKit, written in pure Go. It is bas...

Netavark Has Possible DNS Resolve Confusion

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

CVE-2025-8283 Netavark: podman: netavark may resolve hostnames to unexpected hosts

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...