Qemu-kvm: net: assertion failure in update_sctp_checksum()

...

qemu-kvm: net: assertion failure in update_sctp_checksum()

A flaw was found in QEMU. An assertion failure was present in the updatesctpchecksum function in hw/net/nettxpkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition...

RHEL 9 : qemu-kvm (RHSA-2025:4492)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4492 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.

...

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

GNU PSPP 安全漏洞

GNU PSPP is an application for data sampling, statistics and analysis. A denial of service vulnerability exists in GNU PSPP, which can be exploited by an attacker to cause assertion failures and application exits...

CVE-2025-47229

CVE-2025-47229 affects GNU PSPP (libpspp-core.a) up to version 2.0.1. The root cause is a denial-of-service condition triggered by crafted input data that causes a var_set_leave_quiet assertion failure and application exit, via a call path from src/data/dictionary.c into src/data/variable.c. Mult...

The vulnerability of the Linux operating system’s kernel’s media component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s kernel media component is related to a reachable assertion. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2022-49849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in devargsmatchdevice syzkaller found a failed assertion: assertion failed: args-devid != u64-1 || args-missing, in fs/btrfs/volumes.c:6921 This can be triggered when we set devid to u64-1 by ioctl. I...

CVE-2022-49849

CVE-2022-49849 fixes a Linux kernel flaw in the Btrfs dev_args_match_device path. When devid is set to (u64)-1 via ioctl, the match of devid may be skipped and device matching may succeed incorrectly. The issue was introduced by a patch that added the function used to match devices; the two match...

CVE-2022-49849 btrfs: fix match incorrectly in dev_args_match_device

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in devargsmatchdevice syzkaller found a failed assertion: assertion failed: args-devid != u64-1 || args-missing, in fs/btrfs/volumes.c:6921 This can be triggered when we set devid to u64-1 by ioctl. I...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from an improper match of devid by the devargsmatchdevice function in the btrfs driver, which could lead to an...

PT-2025-18566 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the btrfs file system. The issue involves a failed assertion in the dev args match device function, which can be...

glibc: buffer overflow in the GNU C Library's assert()

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...

CVE-2025-29339

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...

PT-2025-22159

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.124 Description A bug in the Linux kernel has been resolved, specifically in the wifi plfxlc module. The plfxlc mac release function incorrectly asserts that mac-lock is held, which is not valid behavior. Thi...

The vulnerability of the SAML (Security Assertion Markup Language) technology in the PAN-OS operating system allows a perpetrator to increase their privileges.

The vulnerability of the SAML Security Assertion Markup Language technology in the PAN-OS operating system is related to improper session management. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

CVE-2025-29339

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...

CVE-2025-29339

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...

CVE-2025-29339

An issue in UPF in Open5GS UPF versions up to v2.7.2 results an assertion failure vulnerability in PFCP session parameter validation. When processing a PFCP Session Establishment Request with PDN Type=0, the UPF fails to handle the invalid value propagated from SMF or via direct attack, triggerin...