EUVD-2025-203887

A "Privilege boundary violation" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The...

CVE-2025-67715

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to retrieve user notification settings or list all users via API. Version 5.15 fixes the issue...

SUSE CVE-2025-68317

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

EUVD-2025-203752

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

EUVD-2025-203786

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

CVE-2025-68317

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

CVE-2025-68294

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

UBUNTU-CVE-2025-68317

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

UBUNTU-CVE-2025-68294

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

CVE-2025-68294

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

CVE-2025-68317

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

CVE-2025-68317 io_uring/zctx: check chained notif contexts

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

CVE-2025-68317

CVE-2025-68317 concerns the Linux kernel io_uring/zctx path, specifically a check of chained notification contexts and ensuring that zc only links ubuf_info for requests from the same context. The available connected advisories (SUSE-SU-2026:20220-1 and SUSE-SU-2026:20228-1, referenced in OpenSUS...

CVE-2025-68294

Summary : CVE-2025-68294 concerns the Linux kernel’s IO_URING/vectored buffer handling. The issue arises in the vectored buffer import path where the import used the wrong IO_kiocb context ('req') instead of the notification context (sr->notif), risking lifetime misalignment between the vector...

CVE-2025-68294 io_uring/net: ensure vectored buffer node import is tied to notification

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

CVE-2025-68294 io_uring/net: ensure vectored buffer node import is tied to notification

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

PYSEC-2025-233

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to retrieve user notification settings or list all users via API. Version 5.15 fixes the issue...

CVE-2025-67715

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to retrieve user notification settings or list all users via API. Version 5.15 fixes the issue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly checking the chained notification context, which could lead to ambiguity in notification completion...

Weblate 授权问题漏洞

Weblate is a Copyleft open source web-based free software continuous localization system. An authorization issue vulnerability exists in Weblate versions prior to 5.15, which stems from the possibility that the API may retrieve user notification settings or list all users, potentially leading to...