EUVD-2025-201575

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of tipcnetnet-monitors in tipcmonreinitself. 0 The array is protected by RTNL, but tipcmonreinitself iterates over it without RTNL. tipcmonreinitself i...

CVE-2025-40280

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of tipcnetnet-monitors in tipcmonreinitself. 0 The array is protected by RTNL, but tipcmonreinitself iterates over it without RTNL. tipcmonreinitself i...

CVE-2025-40280 tipc: Fix use-after-free in tipc_mon_reinit_self().

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of tipcnetnet-monitors in tipcmonreinitself. 0 The array is protected by RTNL, but tipcmonreinitself iterates over it without RTNL. tipcmonreinitself i...

Exploit for Improper Validation of Array Index in Linux Linux_Kernel

\ CVE-2022-49186: Linux Kernel Privilege Escalation Research...

PT-2025-49378

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the drm/vmwgfx module where command header size validation against SVGA CMD MAX DATASIZE is insufficient. Data originating from userspace, used in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from tipc not properly protecting monitors array access, which could lead to reuse after release...

EUVD-2025-201500

Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025...

CVE-2025-66644

Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025...

CVE-2025-66644

Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025...

CVE-2025-40252

QLogic qede driver processes TPA TCP/IP Packet Aggregation completion queue entries by iterating through lenlist until hitting a zero terminator. Malformed or corrupted completion entries lacking this sentinel cause the loop to read beyond array bounds. SVACE static analysis identified that...

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It's...

CVE-2025-66644

Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025...

CVE-2025-66644

CVE-2025-66644 affects Array Networks ArrayOS AG before 9.4.5.9, with an OS command injection vulnerability that could allow an attacker to execute arbitrary commands. Exploitation has been observed in the wild between August and December 2025, impacting ArrayOS AG versions up to 9.4.5.8. Remedia...

VulnCheck KEV: CVE-2025-66644

Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025...

CVE-2025-66644

Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025...

PT-2025-49309

Name of the Vulnerable Software and Affected Versions BACnet Protocol Stack versions prior to 1.5.0.rc2 Description The BACnet Protocol Stack library contains flaws in the npdu is expected reply function within src/bacnet/npdu.c. This function does not properly validate the existence of Applicati...

AZL-71393 CVE-2025-40252 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...

CVE-2025-40252

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...

UBUNTU-CVE-2025-40252

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...

CVE-2025-40252 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...