1924 matches found
UBUNTU-CVE-2025-38269
In the Linux kernel, the following vulnerability has been resolved: btrfs: exit after state insertion failure at btrfs_convert_extent_bit() If insert_state() state failed it returns an error pointer and we call extent_io_tree_panic() which will trigger a BUG() call. However if CONFIG_BUG is disabled, which is an...
CVE-2025-38269
CVE-2025-38269 affects the Linux kernel, specifically the btrfs path. In btrfs_convert_extent_bit(), if insert_state() fails and CONFIG_BUG is disabled, the code falls through to cache_state() and dereferences the error pointer, causing an invalid ...
CVE-2025-38269 btrfs: exit after state insertion failure at btrfs_convert_extent_bit()
In the Linux kernel, the following vulnerability has been resolved: btrfs: exit after state insertion failure at btrfs_convert_extent_bit() If insert_state() state failed it returns an error pointer and we call extent_io_tree_panic() which will trigger a BUG() call. However if CONFIG_BUG is disabled, which is an...
Quantum Properties Trojans (QuPTs) for Attacking Quantum Neural Networks
Quantum neural networks (QNN) hold immense potential for the future of quantum machine learning (QML). However, QNN security and robustness remain largely unexplored. In this work, we proposed novel Trojan attacks based on the quantum computing properties in a QNN-based binary classifier. Our propose...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a state insertion failure issue in btrfs, which could lead to invalid memory accesses...
Citizen vulnerable to Stored XSS through short descriptions
Summary: Short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page. Details: The shortdesc property, which contains unsanitized user input, is retrieved from the OutputPage and...
CVE-2025-53369
Short Description is a MediaWiki extension that provides local short description support. In version 4.0.0, short descriptions are not properly sanitized before being inserted as HTML using mw.util.addSubtitle, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue...
CVE-2025-53369 Citizen Short Description stored XSS vulnerability through wikitext
Short Description is a MediaWiki extension that provides local short description support. In version 4.0.0, short descriptions are not properly sanitized before being inserted as HTML using mw.util.addSubtitle, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue...
CVE-2025-53370
CVE-2025-53370 concerns the Citizen MediaWiki skin. Versions 1.9.4 up to 3.3.9 expose a stored XSS via the ShortDescription extension: the shortdesc is inserted into the DOM as raw HTML, enabling arbitrary HTML/JS execution by page edits. A patch exists in version 3.4.0. Public references and adv...
CVE-2025-53368
Citizen is a MediaWiki skin. CVE-2025-53368 affects Citizen versions 1.9.4 up to, but not including, 3.4.0, where page descriptions are inserted into raw HTML without sanitization when using the legacy search bar. This enables stored XSS by any user with page editing privileges targeting other us...
UBUNTU-CVE-2025-38148
In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the frame, so there is ...
TabberNeue vulnerable to Stored XSS through wikitext
Summary: Arbitrary HTML can be inserted into the DOM by inserting a payload into any allowed attribute of the tag. Details: The args provided within the wikitext as attributes to the tag are passed to the TabberComponentTabs class:...
kernel: ext4: fix off-by-one error in do_split
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-bounds access due to incorrect splitting in do_split. BUG: KASAN: use-after-free in...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: btrfs: The program exits after a state insertion failure at btrfs_convert_extent_bit(). If the insert_state() function fails, it returns an error pointer. We then call extent_io_tree_panic(), which will trigger a BUG(). However, if CONFIG_BUG is...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not flush non-uploaded STAs. If the STA state is pre-moved to AUTHORIZED such as in IBSS scenarios, and the insertion attempt fails, the station is freed. In this case, the driver never knew about the station;...
CVE-2025-49577
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1...
CVE-2025-49579
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...
CVE-2025-49575
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...
CVE-2025-49576 Citizen allows stored XSS in search no result messages
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerabilit...