273 matches found
PT-2026-27741
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the nvmet-fcloop component. Specifically, a missing check for the remoteport port state before invoking the done callback in nvme fc handle ls rqs...
PT-2026-28333
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the rust binder component related to handling binder death notifications. Specifically, the set notification done function may be called without...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a data contention when accessing cqprequest-requestdone, which could lead to data inconsistencies...
iomap: allocate s_dio_done_wq for async reads as well
...
CVE-2023-54159
No public technical details about CVE-2023-54159 are provided in the connected documents. The materials mention the Linux kernel mtu3 issue but do not specify affected versions, exploit info, or fixes. Monitor for updates from vendors/security advisories.
CVE-2023-53822
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Ignore frags from uninitialized peer in dp. When max virtual ap interfaces are configured in all the bands with ACS and hostapd restart is done every 60s, a crash is observed at random times. In this certain scenari...
github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame
A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...
github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame
A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...
Denial-of-Service (DoS)
quic-go is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to improper handling of premature HANDSHAKEDONE frames during the QUIC handshake, where an assertion failure can be triggered by a misbehaving or malicious server, allowing attackers to crash the client process without...
SUSE CVE-2025-59530
quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...
CVE-2025-54330
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Out-of-bounds Read of q-bufs in the isdoneforme function...
CVE-2025-54330
CVE-2025-54330 affects Samsung Mobile Processor Exynos 1380 (NPU) with an out-of-bounds read in the __is_done_for_me function, through July 2025. Vulnerable component: NPU inside the Exynos 1380 SoC. Impact as per CVSS: Medium (5.3), networked, requires no user interaction, no privileges. No fixe...
SAMSUNG Mobile Processor Exynos 安全漏洞
SAMSUNG Mobile Processor Exynos is a system-on-chip SoC from South Korea's Samsung SAMSUNG dedicated to smartphones and tablets. A security vulnerability exists in SAMSUNG Mobile Processor Exynos July 2025 and earlier, which stems from an out-of-bounds read of q-bufs in the isdoneforme function...
quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame
...
CVE-2025-59530
quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...
EUVD-2025-33746
quic-go: Panic occurs when queuing undecryptable packets after handshake completion...
quic-go: Panic occurs when queuing undecryptable packets after handshake completion
Summary A misbehaving or malicious server can trigger an assertion in a quic-go client and crash the process by sending a premature HANDSHAKEDONE frame during the handshake. Impact A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an...
GHSA-47M2-4CR7-MHCW quic-go: Panic occurs when queuing undecryptable packets after handshake completion
Summary A misbehaving or malicious server can trigger an assertion in a quic-go client and crash the process by sending a premature HANDSHAKEDONE frame during the handshake. Impact A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion in the handshake phase. An attacker can cause the client to crash by sending a premature HANDSHAKEDONE frame. Remediation Upgrade github.com/quic-go/quic-go to version 0.49.1, 0.54.1 or higher. References - GitHub PR...
CVE-2025-59530
quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...