SUSE CVE-2025-38223

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUGON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...

SUSE CVE-2025-48494

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. When using end-to-end encryption, a stored cross-site scripting vulnerability can be exploited by uploading a file with JavaScript code embedded in the filename. After upload and every time someone opens...

DEBIAN-CVE-2025-38223

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUGON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...

CVE-2025-38223

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUGON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...

UBUNTU-CVE-2025-38223

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUGON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...

CVE-2025-38223 ceph: avoid kernel BUG for encrypted inode with unaligned file size

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUGON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...

CVE-2025-38223

CVE-2025-38223 : Linux kernel fix for a kernel BUG triggered by an encrypted inode with an unaligned file size (e.g., 33K or 1K) in Ceph-related code paths. The issue manifests as a kernel OOPS/crash via a bug in ceph_msg_data_cursor_init in net/ceph/messenger.c during ceph_con_workfn processing,...

CVE-2025-38223 ceph: avoid kernel BUG for encrypted inode with unaligned file size

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUGON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a kernel bug triggered when encrypted inode file sizes are not aligned...

CVE-2025-52101

linjiashop =0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT authentication, attackers can bypass the authentication and retrieve the encrypted "password" and "salt". The password can then be obtained through brute-force cracking...

USN-7582-2 samba regression

USN-7582-1 fixed vulnerabilities in Samba. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker...

PT-2025-33551

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Secure TSC frequency calculation in SEV-SNP VMs. The GUEST TSC FREQ MSR reports a frequency based on the nominal P0 frequency, which deviate...

Under the Hood of BlotchyQuasar: DLL-Based RAT Campaigns against Latin America

A sophisticated malspam campaign was recently uncovered targeting Latin American countries, with a particular focus on Brazil. This operation utilizes a highly deceptive phishing email to trick users into executing a malicious MSI file, initiating a multi-stage infection. The core of the attack...

[SECURITY] Fedora 42 Update: atuin-18.3.0-4.fc42

Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server...

The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller (NDFC) and the Cisco Nexus Dashboard platform for analyzing and automating cloud-based data center operations allows attackers to impersonate other users and obtain encrypted user credentials.

The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller NDFC and the Cisco Nexus Dashboard cloud network analytics and automation platform is related to insufficient security checks for the protected connection. Exploiting this vulnerability allows a...

HE-LRM: Encrypted Deep Learning Recommendation Models Using Fully Homomorphic Encryption

Fully Homomorphic Encryption FHE is an encryption scheme that not only encrypts data but also allows for computations to be applied directly on the encrypted data. While computationally expensive, FHE can enable privacy-preserving neural inference in the client-server setting: a client encrypts...

Violence-as-a-Service: Encrypted Apps Used in Recruiting Teens as Hitmen

European police, led by Denmark and Sweden, are arresting individuals in a crackdown on violence-as-a-service, where criminal groups recruit teenagers online for contract killings. Learn about Europol's OTF GRIMM task force and how they're fighting this disturbing trend...

Privacy-Preserving LLM Interaction with Socratic Chain-Of-Thought Reasoning and Homomorphically Encrypted Vector Databases

Large language models LLMs are increasingly used as personal agents, accessing sensitive user data such as calendars, emails, and medical records. Users currently face a trade-off: They can send private records, many of which are stored in remote databases, to powerful but untrusted LLM providers...

UBUNTU-CVE-2022-50226

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

Astra Linux – Vulnerability in qtbase-opensource-src

A issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code that makes security-related decisions regarding established connections may execute prematurely, because the encrypted signal has not yet been...