PT-2025-30797 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc3+ 23 Description: The Linux kernel contains a flaw in the NVME over TCP implementation related to suspicious RCU Read-Copy-Update usage within the nvme mpath add sysfs link function. This issue manifes...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Details Denial of Service DoS describes a family of attacks, all aim...

Race Condition Vulnerability

org.apache.tomcat, tomcat-util is vulnerable to Race Condition Vulnerability. The vulnerability is due to improper synchronization in the APR/Native connector when handling client-initiated HTTP/2 connection closures, which allows an attacker to exploit race conditions potentially leading to...

CVE-2025-53629

A memory exhaustion flaw has been discovered in cpp-httplib. cpp-httplib allows incoming requests using Transfer-Encoding: chunked in the header to allocate memory arbitrarily in the server, potentially leading to its exhaustion. Mitigation Mitigation for this issue is either not available or the...

CVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCP

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: cortina: Use TOE/TSO on all TCP It is desireable to push the hardware accelerator to also process non-segmented TCP frames: we pass the skb-len to the "TOE/TSO" offloader and it will handle them. Without this quirk...

PT-2025-29053

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's ethernet/cortina driver related to the TCP Offload Engine TOE and TCP Segmentation Offload TSO features. The issue causes instability, lockups, and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper TOE/TSO handling in the cortina Ethernet driver, which could lead to instability...

PT-2025-28869 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-gf3021d9246bc-dirty 118 Description: The Linux kernel is susceptible to a softlockup issue within the mm/shmem and swap subsystems when handling large transparent hugepages mTHP during swapin operations...

CVE-2025-53547

A chart processing flaw was found in helm. This flaw allows an attacker to execute code locally if they can input a crafted Chart.yaml file along with a specially linked Chart.lock file. It is also possible that dependencies are updated during this code execution. Mitigation Mitigation for this...

CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

CVE-2025-5351 Libssh: double free vulnerability in libssh key export functions

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

CVE-2025-5351

CVE-2025-5351 concerns libssh. The root cause is a double-free in the key export path: during error handling, a memory structure is freed but not cleared, which may lead to heap corruption and application instability, especially in low-memory scenarios. The issue is tied to libssh’s key serializa...

CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

Denial Of Service (DoS)

n8n is vulnerable to Denial of Service DoS. The vulnerability is due to improper input handling due to the /rest/binary-data endpoint failing to safely process empty filesystem:// or filesystem-v2:// URIs, leading to application instability or crashes...

kernel: Bluetooth: Fix use after free in hci_send_acl

A vulnerability was found in the Linux kernel's Bluetooth subsystem in the hcidisconnphylinkcompleteevt function. Improper cleanup and reference handling can lead to a connection object, hcon, being freed and then later accessed during a subsequent function call. This issue can lead to a...

Vulnerability of the mhipciremove() function in the drivers/bus/mhi/pcigeneric.c module – A driver for the MHI bus in the Linux kernel, which allows a hacker to cause a service failure.

Vulnerability of the mhipciremove function in the drivers/bus/mhi/pcigeneric.c module – The MHI driver in the Linux kernel is vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a system failure...

PT-2025-26572 · Unknown +1 · Htacg Tidy-Html5 +1

Name of the Vulnerable Software and Affected Versions: HTACG tidy-html5 version 5.8.0 Description: A vulnerability was found in HTACG tidy-html5, affecting the function InsertNodeAsParent of the file src/parser.c. The manipulation leads to null pointer dereference. Local access is required to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from incorrectly disabling the clock, which could lead to system instability...

PT-2025-26140 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the coresight devices, which track their connections and hold a reference to the fwnode. When a device is...