AZL-64809 CVE-2025-48367 affecting package redis for versions less than 6.2.18-3

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

DEBIAN-CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

UBUNTU-CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

CVE-2025-48367 Redis DoS Vulnerability due to bad connection error handling

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

CVE-2025-48367

Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19...

CVE-2025-48367

Summary of CVE-2025-48367 (Redis) : An unauthenticated connection can trigger repeated IP protocol errors in Redis, leading to client starvation and a denial of service. The advisory notes fixes in Redis releases: 8.0.3, 7.4.5, 7.2.10, and 6.2.19. Public sources in the connected documents confirm...

Alibaba Cloud Linux 3 : 0103: gimp:2.8 (ALINUX3-SA-2025:0103)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0103 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-48797: A flaw was found in GIMP...

ROS-20250707-05

A vulnerability in the Google Chrome browser is related to post-release usage errors in Animation in Google Chrome. Exploitation of the vulnerability could allow an attacker acting remotely, compromise a vulnerable system...

CVE-2025-49600

A flaw was found in mbedtls. The mbedtlslmsverify function may accept forged Leighton-Micali signatures when hash computation fails and internal error conditions are not properly checked. This flaw allows an attacker with physical access to create invalid signatures. This issue occurs because...

redis,valkey -- DoS Vulnerability due to bad connection error handling

@julienperriercornet reports: An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service...

GHSA-3QHF-M339-9G5V MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS

A validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability 500 errors until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Thank y...

CVE-2025-53366 MCP SDK Vulnerable to FastMCP Server Validation Error, Leading to Denial of Service

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol MCP. Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability 500 errors until manually...

CVE-2025-38234

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in pushrttask Overview ======== When a CPU chooses to call pushrttask and picks a task to push to another CPU's runqueue then it will call findlocklowestrq method which would take a double lock on both CPUs'...

CVE-2025-38234 sched/rt: Fix race in push_rt_task

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in pushrttask Overview ======== When a CPU chooses to call pushrttask and picks a task to push to another CPU's runqueue then it will call findlocklowestrq method which would take a double lock on both CPUs'...

CVE-2025-38225 media: imx-jpeg: Cleanup after an allocation error

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Cleanup after an allocation error When allocation failures are not cleaned up by the driver, further allocation errors will be false-positives, which will cause buffers to remain uninitialized and cause NULL...

CVE-2025-49600

In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsverify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS Leighton-Micali Signature forgery in a fault scenario. Specifically, unchecked return values in mbedtlslmsverify allow an attacker who can induce ...

PT-2025-28000

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, specifically in the media: imx-jpeg component. The issue arises when allocation failures are not properly cleaned up by the...

UBUNTU-CVE-2025-38153

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of usbnet read calls Syzkaller, courtesy of syzbot, identified an error see report 1 in aqc111 driver, caused by incomplete sanitation of usb read calls' results. This problem is quite similar...

CVE-2025-38167 fs/ntfs3: handle hdr_first_de() return value

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdrfirstde return value The hdrfirstde function returns a pointer to a struct NTFSDE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help...