DNS message with invalid TSIG causes an assertion failure

...

PT-2025-30366 · Crates.Io · Static-Alloc

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various allocmethods would then read and write the start of that memory as a Cell which isundefined behavior. Instead, it should zero initialize the start of the allocated...

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...

PT-2025-30314 · Crates.Io · Static-Alloc

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various alloc methods would then read and write the start of that memory as a Cell which is undefined behavior. Instead, it should zero initialize the start of the allocate...

AZL-64884 CVE-2025-38274 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

UBUNTU-CVE-2025-38287

In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...

UBUNTU-CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

CVE-2025-38287 IB/cm: Drop lockdep assert and WARN when freeing old msg

In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...

mod_http2 -- Multiple vulnerabilities

The modhttp2 project reports: a client can increase memory consumption for a HTTP/2 connection via repeated request header names,leading to denial of service certain proxy configurations whith modproxyhttp2 as the backend, an assertion can be triggered by certain requests, leading to denial of...

OESA-2025-1725 qt6-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...

CVE-2025-6952

A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...

CVE-2025-6952

A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...

CVE-2025-6952

A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...

CVE-2025-6952 Open5GS AMF Service amf-sm.c amf_state_operational assertion

A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function amfstateoperational of the file src/amf/amf-sm.c of the component AMF Service. The manipulation leads to reachable assertion. It is possible to launch the attack on the loc...

CVE-2025-6952

Open5GS up to version 2.7.5 contains a vulnerability in the AMF Service component, specifically the amf_state_operational function in src/amf/amf-sm.c. The issue causes a reachable assertion and can be exploited by an attacker with local access, enabling a local threat scenario. The patch identif...

PT-2025-27524 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5GS versions up to 2.7.5 Description: A problematic issue has been found in Open5GS, affecting the amf state operational function of the file src/amf/amf-sm.c in the AMF Service component. This issue leads to a reachable assertion and can...

CVE-2023-28910

A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number...

CVE-2023-28910

A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number...

CVE-2023-28910 Disabled Abortion Flag

A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number...