Lucene search

8430 matches found

Cvelist
added 2025/04/24 7:30 a.m., 33 views

CVE-2025-1908 Business Logic Errors in GitLab

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...

7.7 CVSS, 0.0005 EPSS
Exploits: 1, References: 2
CNNVD
added 2025/04/23 12:0 a.m., 4 views

IBM InfoSphere Information Server Security Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version 11.7...

4.3 CVSS, 5.9 AI score, 0.00185 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/04/18 7:1 a.m., 24 views

CVE-2025-37925 jfs: reject on-disk inodes of an unsupported type

In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted...

0.00017 EPSS
Exploits: 0, References: 6
Packet Storm News
added 2025/04/18 12:0 a.m., 42 views

Everything You Wanted to Know about LLM-Based Vulnerability Detection but Were Afraid to Ask

Large Language Models are a promising tool for automated vulnerability detection, thanks to their success in code generation and repair. However, despite widespread adoption, a critical question remains: Are LLMs truly effective at detecting real-world vulnerabilities? Current evaluations, which...

7.2 AI score
Exploits: 0
RedhatCVE
added 2025/04/17 5:6 p.m., 13 views

CVE-2024-11084

Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists...

6.3 CVSS, 6.8 AI score, 0.00229 EPSS
Exploits: 0, References: 1
RedHat Linux
added 2025/04/17 6:39 a.m., 8 views

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...

7.8 CVSS, 7.2 AI score, 0.00031 EPSS
Exploits: 0, References: 9
SUSE CVE
added 2025/04/17 1:33 a.m., 1 views

SUSE CVE-2025-22022

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...

6.1 CVSS, 6.7 AI score, 0.00022 EPSS
Exploits: 0, References: 17
OSV
added 2025/04/16 6:16 p.m., 3 views

AZL-60459 CVE-2025-22872 affecting package cri-tools for versions less than 1.32.0-2

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

6.5 CVSS, 6.6 AI score, 0.00023 EPSS
Exploits: 0, References: 1
OSV
added 2025/04/16 6:16 p.m., 1 views

UBUNTU-CVE-2025-22872

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

6.5 CVSS, 6.7 AI score, 0.00023 EPSS
Exploits: 0, References: 9
NVD
added 2025/04/16 3:15 p.m., 9 views

CVE-2025-22060

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached shadow SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly accessed by configuring an...

4.7 CVSS, 0.00022 EPSS
Exploits: 0, References: 8
OSV
added 2025/04/16 3:15 p.m., 1 views

DEBIAN-CVE-2025-22049

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices (such as APBDMA) require 16 bytes alignment. When the data buffer length is too small, the hardware may make an error...

5.5 CVSS, 5.8 AI score, 0.00018 EPSS
Exploits: 0, References: 1
NVD
added 2025/04/16 3:15 p.m., 6 views

CVE-2024-58094

In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfs_truncate_nolock() Added a check for "read-only" mode in the `jfs_truncate_nolock` function to avoid errors related to writing to a read-only filesystem. Call stack: block_write_begin...

5.5 CVSS, 0.00042 EPSS
Exploits: 0, References: 2
OSV
added 2025/04/16 2:12 p.m., 5 views

CVE-2025-22100 drm/panthor: Fix race condition when gathering fdinfo group samples

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups with an xarray lock, which could lead to use-after-free errors...

4.7 CVSS, 6 AI score, 0.00217 EPSS
Exploits: 0, References: 6
Cvelist
added 2025/04/16 2:12 p.m., 7 views

CVE-2025-22100 drm/panthor: Fix race condition when gathering fdinfo group samples

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups with an xarray lock, which could lead to use-after-free errors...

0.00217 EPSS
Exploits: 0, References: 3
OSV
added 2025/04/16 2:12 p.m., 5 views

CVE-2025-22060 net: mvpp2: Prevent parser TCAM memory corruption

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached shadow SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly accessed by configuring an...

4.7 CVSS, 6.2 AI score, 0.00022 EPSS
Exploits: 0, References: 11
Cvelist
added 2025/04/16 2:12 p.m., 10 views

CVE-2025-22060 net: mvpp2: Prevent parser TCAM memory corruption

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached shadow SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly accessed by configuring an...

0.00022 EPSS
Exploits: 0, References: 7
OSV
added 2025/04/16 2:11 p.m., 4 views

CVE-2024-58095 jfs: add check read-only before txBeginAnon() call

In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before txBeginAnon call Added a read-only check before calling txBeginAnon in extAlloc and extRecord. This prevents modification attempts on a read-only mounted filesystem, avoiding potential errors or...

5.5 CVSS, 6.1 AI score, 0.0009 EPSS
Exploits: 0, References: 5
OSV
added 2025/04/16 2:11 p.m., 6 views

CVE-2024-58093 PCI/ASPM: Fix link state exit during switch upstream function removal

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f "PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free", we would free the ASPM link only after the last function on the b...

7.8 CVSS, 6.1 AI score, 0.00019 EPSS
Exploits: 0, References: 4
NVD
added 2025/04/16 11:15 a.m., 13 views

CVE-2025-22022

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...

7.8 CVSS, 0.00022 EPSS
Exploits: 0, References: 8
Cvelist
added 2025/04/16 10:23 a.m., 15 views

CVE-2025-22022 usb: xhci: Apply the link chain quirk on NEC isoc endpoints

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...

0.00022 EPSS
Exploits: 0, References: 8