7041 matches found
SUSE CVE-2022-49086
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...
CVE-2025-21754 btrfs: fix assertion failure when splitting ordered extent after transaction abort
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix assertion failure when splitting ordered extent after transaction abort If while we are doing a direct IO write a transaction abort happens, we mark all existing ordered extents with the BTRFSORDEREDIOERR flag done at...
CVE-2025-21754
The CVE-2025-21754 affects Linux kernel btrfs behavior. When a direct IO write triggers a transaction abort, ordered extents are marked with BTRFS_ORDERED_IOERR, and if an ordered extent still has bytes remaining, btrfs_split_ordered_extent() asserts on flags. The documented root cause is an asse...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the btrfssplitorderedextent function not properly handling the BTRFSORDEREDIOERR flag when handling a...
DEBIAN-CVE-2022-49089
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...
DEBIAN-CVE-2022-49086
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...
UBUNTU-CVE-2022-49086
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...
CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...
CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...
CVE-2024-34034
An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...
PT-2025-7887
Name of the Vulnerable Software and Affected Versions FlexRIC version 2.0.0 Description An issue was discovered that causes FlexRIC to crash during a denial-of-service DoS attack. This is triggered by an assertion error when an attacker sends a high number of E42 Subscription Requests to the...
CVE-2024-34034
An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...
CVE-2024-34034
An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...
FlexRIC 安全漏洞
FlexRIC is a RAN Intelligent Controller open-sourced by Mosaic5G. A security vulnerability exists in FlexRIC version 2.0.0 that stems from the presence of an assertion error that could lead to a denial of service DoS...
Authentication Bypass
CIE.AspNetCore.Authentication is vulnerable to Authentication Bypass. The vulnerability is due to improper signature validation due to a flaw in the handling of SAML assertions, allowing an attacker to inject a signed element that bypasses verification and enables impersonation of any Spid or CIE...
CVE-2025-24895 SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication
CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the...
CVE-2025-24894 SAML Response Signature Verification Bypass in SPID.AspNetCore.Authentication
SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the Service...
GNU C Library Buffer Overflow Vulnerability
The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that stems from not allocating enough space for assertion failure message strings and size information when the assert...
FFmpeg 安全漏洞
FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg that stems from a reachable assertion triggered by a specially crafted AAC file, which could lead to a denial of service...
CVE-2025-22919
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service DoS via opening a crafted AAC file...