UBUNTU-CVE-2022-49086

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...

CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...

CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...

CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...

CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...

CVE-2024-34034

An issue was discovered in FlexRIC 2.0.0. It crashes during a Subscription Request denial-of-service DoS attack, triggered by an assertion error. An attacker must send a high number of E42 Subscription Requests to the Near-RT RIC component...

FlexRIC 安全漏洞

FlexRIC is a RAN Intelligent Controller open-sourced by Mosaic5G. A security vulnerability exists in FlexRIC version 2.0.0 that stems from the presence of an assertion error that could lead to a denial of service DoS...

PT-2025-7887

Name of the Vulnerable Software and Affected Versions FlexRIC version 2.0.0 Description An issue was discovered that causes FlexRIC to crash during a denial-of-service DoS attack. This is triggered by an assertion error when an attacker sends a high number of E42 Subscription Requests to the...

Authentication Bypass

CIE.AspNetCore.Authentication is vulnerable to Authentication Bypass. The vulnerability is due to improper signature validation due to a flaw in the handling of SAML assertions, allowing an attacker to inject a signed element that bypasses verification and enables impersonation of any Spid or CIE...

CVE-2025-24895 SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication

CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the...

CVE-2025-24894 SAML Response Signature Verification Bypass in SPID.AspNetCore.Authentication

SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the Service...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg that stems from a reachable assertion triggered by a specially crafted AAC file, which could lead to a denial of service...

GNU C Library Buffer Overflow Vulnerability

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that stems from not allocating enough space for assertion failure message strings and size information when the assert...

CVE-2025-22919

A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service DoS via opening a crafted AAC file...

CVE-2025-22919

A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service DoS via opening a crafted AAC file...

Astra Linux – Vulnerability in bind9

Client queries that trigger the delivery of stale data and also require lookups in local authoritative zone data may result in assertion failures. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

Astra Linux – Vulnerability in avahi

A vulnerability was discovered in Avahi, where there is an accessible assertion in avahidnspacketAppendRecord...

Astra Linux – Vulnerability in avahi

A vulnerability was discovered in Avahi. There exists a potentially exploitable assertion within the dbussethostname function...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fixed the issue of missing lock acquisition before performing sync reset reload operations. During sync reset reload operations, when a remote host updates devlink during the reload process, the lock acquisition before...

Azure Linux 3.0 Security Update: avahi (CVE-2023-38472)

The version of avahi installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38472 advisory. - A vulnerability was found in Avahi. A reachable assertion exists in the avahirdataparse function...