Bugsink: DOS using large numbers of event tags

Summary In affected versions, Bugsink stores every tag supplied with an incoming event. An event with an unusually large number of custom i.e. supplied by an attacker tags can therefore make ingestion spend more time than intended writing tag rows. Bugsink uses a single-writer database...

CVE-2025-71077

In the Linux kernel vulnerability CVE-2025-71077, tpm2_get_pcr_allocation() did not cap the number of PCR banks, allowing out-of-bounds values to cause more than minimal harm. The fix caps the limit to eight banks, limiting potential damage from external I/O. The issue affects the TPM/PCR allocat...