CVE-2025-38013 wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Set nchannels after allocating struct cfg80211scanrequest Make sure that nchannels is set after allocating the struct cfg80211registereddevice::intscanreq member. Seen with syzkaller: UBSAN:...

PT-2025-25871 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, specifically in the gpio-fan driver. The issue arises from the driver's failure to check if the cooling state passed to gpio fa...

Bias Variation Compensation in Perimeter-Gated SPAD TRNGs

Random number generators that utilize arrays of entropy source elements suffer from bias variation BV. Despite the availability of efficient debiasing algorithms, optimized implementations of hardware friendly options depend on the bit bias in the raw bit streams and cannot accommodate a wide BV...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from gpio-fan not checking for cool state boundaries, which could lead to out-of-bounds access to arrays...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds access to the aqvec array by the atlantic driver array index...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential 32-bit overflow when accessing ARRAY mapped elements...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a stack allocation matching array, which could lead to invalid memory accesses...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of tnumrange for array range checking, which could lead to out-of-bounds reads...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an undersized blocksequence array, which could lead to a buffer overflow...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not setting nchannels correctly, which could lead to out-of-bounds access to arrays...

PT-2025-26093

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential 32-bit overflow issue has been identified in the Linux kernel when accessing BPF array map elements. This occurs when the BPF array map exceeds 4GB, causing the element point...

kernel: Fix of 4 CVEs

media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit CVE-2022-49478 - x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - cifs: fix potential double free during failed mount CVE-2022-49541 - drm/amd/pm: fix double free in siparsepowertable CVE-2022-49530...

TencentOS Server 3: php:7.4 (TSSA-2022:0157)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0157 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

PT-2025-27958

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential out-of-bounds write issue has been identified in the Linux kernel, specifically in the lan743x ptp io event clock get function. The issue arises when the channel value is...

PT-2025-49381

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free flaw within the TIPC Transparent Inter-Process Communication networking module, specifically in the tipc mon reinit self function. This issue w...

CVE-2025-5868

A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function systhreadsigprocmask of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument how leads to improper validation of array index...

CVE-2025-5866

A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function syssigprocmask of the file rt-thread/components/lwp/lwpsyscall.c. The manipulation of the argument how leads to improper validation of array index...

Dell PowerStore Trust Management Issues Vulnerabilities

Dell PowerStore is a scalable all-flash array storage from Dell USA. A trust management issue vulnerability exists in Dell PowerStore version 4.0.0.0, which stems from the use of hard-coded credentials and can be exploited by an attacker to cause unauthorized access...

firefox: thunderbird: Out-of-bounds access when optimizing linear sums

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

OS Command Exec, Unix Command Shell, Reverse SCTP (via socat)

Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/reversesocatsctp msf payloadreversesocatsctp show actions ...actions... msf payloadreversesocatsctp set ACTION msf payloadreversesocatsctp show options ...show and set options... msf...