Lucene search

884 matches found

RedHat Linux
added 2025/05/13 8:28 a.m. · 1 views

kernel: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx. As the introduction of the support for vsock and unix sockets in sockmap, tls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK. vsock and af_unix sockets have...

5.5 CVSS · 6.8 AI score · 0.00009 EPSS
Exploits 0 · References 5
RedHat Linux
added 2025/05/13 8:28 a.m. · 1 views

kernel: net: inet: do not leave a dangling sk pointer in inet_create()

In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create(). sock_init_data() attaches the allocated sk object to the provided sock object. If inet_create() fails later, the sk object is freed, but the sock object retains the dangling...

7.8 CVSS · 6.8 AI score · 0.00011 EPSS
Exploits 0 · References 5
Japan Vulnerability Notes
added 2025/05/12 8:52 a.m. · 2 views

Multiple vulnerabilities in GL-MT2500 and GL-MT2500A

Overview: GL-MT2500 and GL-MT2500A provided by GL.iNet contain multiple vulnerabilities listed below: OS command injection (CWE-78) - CVE-2024-57391; Inefficient regular expression complexity (CWE-1333) - CVE-2025-2811. Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported these vulnerabilities to...

7.5 CVSS · 7.5 AI score · 0.0008 EPSS
Exploits 0 · References 7
CNNVD
added 2025/04/26 12:0 a.m. · 1 views

GL.iNet Router Security Vulnerability

GL.iNet Router is a series of routers from China's Guanglian Zhitong GL.iNet company. A security vulnerability exists in GL.iNet Router that originates from a buffer overflow in the plugins.so file of the RPC Handler component...

8.6 CVSS · 8.2 AI score · 0.00074 EPSS
Exploits 0 · References 5
RedhatCVE
added 2025/04/25 11:54 p.m. · 3 views

CVE-2025-27581

NIH BRICS aka Biomedical Research Informatics Computing System through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints...

4.3 CVSS · 6.9 AI score · 0.00176 EPSS
Exploits 1 · References 1
OSV
added 2025/04/24 12:15 a.m. · 0 views

CVE-2025-27581

NIH BRICS aka Biomedical Research Informatics Computing System through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints...

4.3 CVSS · 5.8 AI score · 0.00176 EPSS
Exploits 1 · References 3
NVD
added 2025/04/24 12:15 a.m. · 10 views

CVE-2025-27581

NIH BRICS aka Biomedical Research Informatics Computing System through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints...

4.3 CVSS · 0.00176 EPSS
Exploits 1 · References 3
Positive Technologies
added 2025/04/23 12:0 a.m. · 2 views

PT-2025-17677 · Nih · Nih Brics

Name of the Vulnerable Software and Affected Versions: NIH BRICS aka Biomedical Research Informatics Computing System versions 14.0.0-67 and earlier. Description: The issue allows users without the InET role to access the InET module by making direct requests to known endpoints. Recommendations: F...

4.3 CVSS · 6.4 AI score · 0.00176 EPSS
Exploits 1 · References 7
CVE
added 2025/04/23 12:0 a.m. · 51 views

CVE-2025-27581

CVE-2025-27581 affects NIH BRICS (Biomedical Research Informatics Computing System) up to version 14.0.0-67, where users lacking the InET role can access the InET module via direct requests to known endpoints. The issue originates from insufficient access controls on InET endpoints, enabling unau...

4.3 CVSS · 7.1 AI score · 0.00176 EPSS
Exploits 1 · References 3
Vulnrichment
added 2025/04/23 12:0 a.m. · 4 views

CVE-2025-27581

NIH BRICS aka Biomedical Research Informatics Computing System through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints...

4.3 CVSS · 6.9 AI score · 0.00176 EPSS
Exploits 1 · References 3
Cvelist
added 2025/04/23 12:0 a.m. · 10 views

CVE-2025-27581

NIH BRICS aka Biomedical Research Informatics Computing System through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints...

4.3 CVSS · 0.00176 EPSS
Exploits 1 · References 3
SUSE Linux
added 2025/04/17 10:19 a.m. · 1 views

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues: CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998). CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993). CVE-2024-50302: Fixed HID: core: zero-initialize the...

8.6 CVSS · 7.8 AI score · 0.18032 EPSS
Exploits 1 · References 42
SUSE Linux
added 2025/04/17 9:25 a.m. · 1 views

Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues: CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6_create() (bsc#1235218). CVE-2024-57882: mptcp: Fixed TCP options overflow (bsc#1235916). Patch Instructions: To install this SUSE update use the SUSE recommended...

8.5 CVSS · 7.6 AI score · 0.00013 EPSS
Exploits 0 · References 8
RedHat Linux
added 2025/04/16 3:19 a.m. · 1 views

kernel: tcp: make sure init the accept_queue's spinlocks once

In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once. When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...

5.5 CVSS · 6.8 AI score · 0.00006 EPSS
Exploits 0 · References 5
SUSE Linux
added 2025/04/14 4:33 p.m. · 0 views

Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: CVE-2024-41090: tap: add missing verification for short frame (bsc#1228714). CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218). Patch...

8.5 CVSS · 8.1 AI score · 0.00015 EPSS
Exploits 0 · References 8
SUSE Linux
added 2025/04/14 11:3 a.m. · 0 views

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-15060021 fixes several issues. The following security issues were fixed: CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218). CVE-2024-41090: tap: add missing verification for short frame (bsc#1228714). Patch Instructions: T...

8.5 CVSS · 8.1 AI score · 0.00015 EPSS
Exploits 0 · References 8
SUSE Linux
added 2025/04/14 8:33 a.m. · 1 views

Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122216 fixes several issues. The following security issues were fixed: CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1232818). CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788). CVE-2022-49564: crypto: qat - add param check for...

8.5 CVSS · 7.7 AI score · 0.00015 EPSS
Exploits 0 · References 20
RedhatCVE
added 2025/03/29 4:23 p.m. · 8 views

CVE-2025-22629

Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects iNET Webkit: from n/a through <= 1.2.2...

5.3 CVSS · 7.2 AI score · 0.00171 EPSS
Exploits 0 · References 1
NVD
added 2025/03/27 4:15 p.m. · 5 views

CVE-2025-22629

Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects iNET Webkit: from n/a through <= 1.2.2...

5.3 CVSS · 0.00171 EPSS
Exploits 0 · References 1
Cvelist
added 2025/03/27 3:29 p.m. · 9 views

CVE-2025-22629 WordPress iNET Webkit Plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in iNET iNET Webkit inet-webkit allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects iNET Webkit: from n/a through <= 1.2.2...

5.3 CVSS · 0.00171 EPSS
Exploits 0 · References 1