SUSE CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

Linux Distros Unpatched Vulnerability : CVE-2025-38491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223...

AZL-66329 CVE-2025-38552 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

DEBIAN-CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

UBUNTU-CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

CVE-2025-38552

CVE-2025-38552 concerns the Linux kernel and addresses a race in MPTCP where subflow creation and subflow failure can collide. The issue arises from a race between a subflow failing and the creation of an additional subflow, which could lead to inconsistent socket state if not synchronized. The f...

CVE-2025-38552 mptcp: plug races between subflow fail and subflow creation

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

CVE-2025-38552 mptcp: plug races between subflow fail and subflow creation

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

Linux Distros Unpatched Vulnerability : CVE-2025-38284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rtw89: pci: configure manual DAC mode via PCI config API only To support 36-bit DMA, configure chip proprietary bit via PCI config API or chip DBI...

Malicious code in express-yandex-host-fallback (npm)

The package express-yandex-host-fallback was found to contain malicious code...

Malicious code in fe-ops-renderizr-client-fallback (npm)

The package fe-ops-renderizr-client-fallback was found to contain malicious code...

MAL-2025-20093 Malicious code in express-yandex-host-fallback (npm)

The package express-yandex-host-fallback was found to contain malicious code...

MAL-2025-20338 Malicious code in fe-ops-renderizr-client-fallback (npm)

The package fe-ops-renderizr-client-fallback was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2024-40916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an...

Linux Distros Unpatched Vulnerability : CVE-2025-22036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after getblock When getblock is called with a bufferhead...

CVE-2025-54886 skops: Card.get_model does not block arbitrary code execution

skops is a Python library which helps users share and ship their scikit-learn based models. In versions 0.12.0 and below, the Card.getmodel does not contain any logic to prevent arbitrary code execution. The Card.getmodel function supports both joblib and skops for model loading. When loading...

CVE-2025-54886 skops: Card.get_model does not block arbitrary code execution

skops is a Python library which helps users share and ship their scikit-learn based models. In versions 0.12.0 and below, the Card.getmodel does not contain any logic to prevent arbitrary code execution. The Card.getmodel function supports both joblib and skops for model loading. When loading...