Lucene search
K

6 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/07/07 12:0 a.m.5 views

incus-6.14-1.1 on GA media (moderate)

incus-6.14-1.1 on GA media Announcement ID: openSUSE-SU-2025:15317-1 Rating: moderate Cross-References: CVE-2025-52889 CVE-2025-52890 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...

8.1CVSS6.6AI score0.00202EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/06/25 5:15 p.m.6 views

CVE-2025-52890

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...

8.1CVSS6AI score0.00195EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/25 4:51 p.m.6 views

CVE-2025-52890 Incus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...

8.1CVSS7.2AI score0.00195EPSS
Exploits0References2
CVE
CVE
added 2025/06/25 4:51 p.m.29 views

CVE-2025-52890

Incus CVE-2025-52890 affects the Incus system container/VM manager; versions 6.12 and 6.13 generate nftables rules when an ACL is used on a bridge-connected device, which partially bypasses security.mac_filtering, security.ipv4_filtering and security.ipv6_filtering. This can enable ARP spoofing o...

8.1CVSS7.2AI score0.00195EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/06/25 4:51 p.m.6 views

CVE-2025-52890

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...

8.1CVSS5.3AI score0.00195EPSS
Exploits0
Circl
Circl
added 2025/06/25 2:13 p.m.7 views

CVE-2025-52890

creationtimestamp| type| source ---|---|--- 2025-06-25 14:13:03+00:00| published-proof-of-concept| https://github.com/lxc/incus/security/advisories/GHSA-p7fw-vjjm-2rwp 2025-06-25 18:06:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19497 2025-06-25 20:39:50+00:00| see...

8.1CVSS5.9AI score0.00195EPSS
Exploits0References4
Rows per page
Query Builder