CVE-2025-40123

CVE-2025-40123 affects the Linux kernel BPF tailcalls in the BPF subsystem. A fuzzer found an uninitialized pointer in bpf_prog_test_run_xdp() leading to a NULL pointer dereference when a BPF program accesses txq in an xdp_buff, depending on the program’s expected_attach_type. The root cause is m...

CVE-2025-40123

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...

CVE-2025-40123 bpf: Enforce expected_attach_type for tailcall compatibility

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...

EUVD-2025-117398

Malicious code in expected-amaranth-cattle npm...

Linux Distros Unpatched Vulnerability : CVE-2025-40123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the...

EUVD-2025-99091

Malicious code in expectedarmadilloz3n npm...

EUVD-2025-105436

Malicious code in expectedreptilez3n npm...

MAL-2025-119867 Malicious code in expected_reptile_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 506204942a33460ca159ce25fa0fd65c501dd2b9e8c63b0fb9e0f2ee12b117e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in expected_wren_0xrequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a97068859ccd22ad38daaaf9b23077a2d1be5adca45ed6227d8763f2bb03d9ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-94372 Malicious code in expected_gazelle_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 333833d03a56c4bbbc3c1b12de4b05194ec042eed34467ac4b683298181fb83b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-64181

Malicious code in expectedmackerelz3n npm...

Malicious code in expected-silver-urial (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 445a257feac6823453ea3c2e51be3484a514bd08161ff1c59b22e83a4e4c1397 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-54483

Malicious code in expected-coral-reptile npm...

EUVD-2025-54481

Malicious code in expected-silver-urial npm...

EUVD-2025-54482

Malicious code in expected-fuchsia-salmon npm...

EUVD-2025-6104

Malicious code in bioql PyPI...

EUVD-2024-22167

Malicious code in bioql PyPI...

EUVD-2022-7521

Malicious code in bioql PyPI...

EUVD-2023-47930

Malicious code in bioql PyPI...

EUVD-2024-20876

Malicious code in bioql PyPI...