CVE-2025-71097

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fibtableflush is called to flush all the routes that are using the dead nexthop. The...

undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer

An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests...