Lucene search
K

7 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/07/07 12:0 a.m.5 views

incus-6.14-1.1 on GA media (moderate)

incus-6.14-1.1 on GA media Announcement ID: openSUSE-SU-2025:15317-1 Rating: moderate Cross-References: CVE-2025-52889 CVE-2025-52890 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...

8.1CVSS6.6AI score0.00202EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/25 7:33 p.m.4 views

CVE-2025-52889

A DHCP pool management issue has been discovered in Incus. When using an ACL on a device connected to a bridge, a combination of nftables rules may cause available IP addresses to become exhausted. Mitigation Mitigation for this issue is either not available or the currently available options do...

3.4CVSS6.4AI score0.00202EPSS
Exploits0References2
NVD
NVD
added 2025/06/25 5:15 p.m.5 views

CVE-2025-52889

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

3.4CVSS0.00202EPSS
Exploits0References3
CVE
CVE
added 2025/06/25 4:49 p.m.27 views

CVE-2025-52889

Incus (system container/VM manager) on versions 6.12–6.13 is vulnerable when an ACL on a bridge-connected device is used: nftables rules for local services can bypass security.mac_filtering, security.ipv4_filtering, and security.ipv6_filtering, enabling DHCP pool exhaustion and potential further ...

3.4CVSS7.2AI score0.00202EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/25 4:49 p.m.11 views

CVE-2025-52889 Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

3.4CVSS0.00202EPSS
Exploits0References3
OSV
OSV
added 2025/06/25 4:49 p.m.3 views

CVE-2025-52889 Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

3.4CVSS6.2AI score0.00202EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2025/06/25 4:49 p.m.4 views

CVE-2025-52889

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

3.4CVSS7.3AI score0.00202EPSS
Exploits0
Rows per page
Query Builder