10 matches found
CVE-2025-38525
A flaw was found in the Linux kernel’s Remote Execution RPC RxRPC implementation, where the rxrpcassessMTUsize function is invoked with interrupts disabled during the handling of an incoming call. This function queries the IP layer for route MTU information, but the IP layer internally uses...
CVE-2025-38525
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...
UBUNTU-CVE-2025-38525
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...
CVE-2025-38525
CVE-2025-38525 concerns the Linux kernel RXRPC path. The vulnerability arises when accepting an incoming RXRPC call: rxrpc_assess_MTU_size() traverses to the IP layer to determine MTU while interrupts are disabled, and the IP layer may call local_bh_enable(), which can trigger a warning if IRQs a...
CVE-2025-38525 rxrpc: Fix irq-disabled in local_bh_enable()
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in localbhenable The rxrpcassessMTUsize function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, this is called from rxrpcnewincomingcall which holds...
UBUNTU-CVE-2024-49864
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix a race between socket set up and I/O thread creation In rxrpcopensocket, it sets up the socket and then sets up the I/O thread that will handle it. This is a problem, however, as there's a gap between the two phases in...
The vulnerability of the qemuDomainGetStatsIOThread function in the qemu_driver.c component of the Libvirt virtualization management library allows a attacker to cause a service failure.
The vulnerability of the qemuDomainGetStatsIOThread function in the qemudriver.c component of the Libvirt control library is related to improper memory release before deleting the last references. Exploiting this vulnerability allows an attacker to trigger a service failure remotely...
undertow: IO thread DoS via unclean Websocket closing
It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...
undertow: IO thread DoS via unclean Websocket closing
It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...
undertow: IO thread DoS via unclean Websocket closing
It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...