
2569 matches found

CVE
added 2025/05/16 1:3 p.m. | 72 views

CVE-2025-40907

CVE-2025-40907 affects FCGI 0.44–0.82 with the included fcgi2 library (libfcgi) in Perl-based FCGI; root cause is an integer overflow in ReadParams (fcgiapp.c), leading to a heap-based buffer overflow via crafted nameLen/valueLen. Public advisories indicate fixes across multiple distributions: De...

CVSS 5.3 | AI score 6.9 | EPSS 0.00516
Exploits: 1 | References: 6 | Affected Software: 1

Debian CVE
added 2025/05/16 1:3 p.m. | 8 views

CVE-2025-40907

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

CVSS 5.3 | AI score 6.3 | EPSS 0.00516
Exploits: 1

AlpineLinux
added 2025/05/16 1:3 p.m. | 1 views

CVE-2025-40907

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

CVSS 9.3 | AI score 7.6 | EPSS 0.00562
Exploits: 1 | References: 6

GoogleProjectZero
added 2025/05/09 12:0 a.m. | 21 views

Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages

Guest post by Dillon Franke, Senior Security Engineer, 20% time on Project Zero. Every second, highly-privileged MacOS system daemons accept and process hundreds of IPC messages. In some cases, these message handlers accept data from sandboxed or unprivileged processes. In this blog post, I’ll...

CVSS 7.8 | AI score 7.5 | EPSS 0.00333
Exploits: 2

Tenable Nessus
added 2025/05/06 12:0 a.m. | 15 views

Azure Linux 3.0 Security Update: fcgi (CVE-2025-23016)

The version of fcgi installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23016 advisory. - FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via...

CVSS 9.3 | AI score 8.1 | EPSS 0.00562
Exploits: 0 | References: 2

OSV
added 2025/05/05 4:57 a.m. | 3 views

MGASA-2025-0144 Updated fcgi packages fix security vulnerability

FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. CVE-2025-23016...

CVSS 9.3 | AI score 9.7 | EPSS 0.00562
Exploits: 0 | References: 3

Tenable Nessus
added 2025/05/05 12:0 a.m. | 5 views

FreeBSD : fcgi -- Heap-based buffer overflow via crafted nameLen/valueLen in ReadParams (5f868a5f-2943-11f0-bb22-f02f7432cf97)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5f868a5f-2943-11f0-bb22-f02f7432cf97 advisory. [email protected] reports: FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant...

CVSS 9.3 | AI score 8.3 | EPSS 0.00562
Exploits: 0 | References: 4

RedhatCVE
added 2025/05/04 5:24 p.m. | 17 views

CVE-2023-53039

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function. When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtp_dev. If ish_probe...

CVSS 5.5 | AI score 7 | EPSS 0.00163
Exploits: 0 | References: 4

OSV
added 2025/05/02 4:15 p.m. | 2 views

DEBIAN-CVE-2023-53039

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function. When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtp_dev. If ish_probe...

CVSS 7.8 | AI score 5.6 | EPSS 0.00163
Exploits: 0 | References: 1

NVD
added 2025/05/02 4:15 p.m. | 5 views

CVE-2023-53039

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function. When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtp_dev. If ish_probe...

CVSS 7.8 | EPSS 0.00163
Exploits: 0 | References: 4

CVE
added 2025/05/02 3:54 p.m. | 118 views

CVE-2023-53039

CVE-2023-53039: In the Linux kernel, the intel-ish-hid IPC path had a use-after-free when a reset-notify IPC message schedules a work function that uses a global ishtp_dev; if ish_probe() fails, resources are freed but the scheduled work is not cancelled. The fix uses devm_work_autocancel() so t...

CVSS 7.8 | AI score 6.5 | EPSS 0.00163
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2025/05/02 3:54 p.m. | 9 views

CVE-2023-53039 HID: intel-ish-hid: ipc: Fix potential use-after-free in work function

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function. When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer ishtp_dev. If ish_probe...

EPSS 0.00163
Exploits: 0 | References: 4

NVD
added 2025/05/01 3:16 p.m. | 8 views

CVE-2022-49855

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg. ipc_pcie_read_bios_cfg is using the acpi_evaluate_dsm to obtain the wwan power state configuration from BIOS but is not freeing the acpi_object. The acpi_evaluate_dsm returned...

CVSS 5.5 | EPSS 0.00157
Exploits: 0 | References: 3

Debian CVE
added 2025/05/01 2:10 p.m. | 7 views

CVE-2022-49867

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_wwan_dellink. IOSM driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev when unregisters network device, which causes a memory leak. This patc...

CVSS 5.5 | AI score 5.4 | EPSS 0.00157
Exploits: 0

Debian CVE
added 2025/05/01 2:10 p.m. | 6 views

CVE-2022-49855

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg. ipc_pcie_read_bios_cfg is using the acpi_evaluate_dsm to obtain the wwan power state configuration from BIOS but is not freeing the acpi_object. The acpi_evaluate_dsm returned...

CVSS 5.5 | AI score 5.4 | EPSS 0.00157
Exploits: 0

Positive Technologies
added 2025/04/24 12:0 a.m. | 1 views

PT-2025-27987

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.147-1 Debian bookworm, 6.6.101 upstream, and SLE 15 SP4, SLE 15 SP5, SLE 15 SP6, and openSUSE Leap 15.4, 15.5. Description: The Linux kernel contains a vulnerability related to a use-after-free condition in th...

CVSS 7.8 | AI score 6.7 | EPSS 0.00153
Exploits: 0

BDU FSTEC
added 2025/04/10 12:0 a.m. | 3 views

The vulnerability in the `ipc/namespace.c` component of the Linux operating system allows an attacker to trigger a service failure.

The vulnerability in the ipc/namespace.c component of the Linux operating system is related to improper memory release before deleting the last reference. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00231
Exploits: 0 | References: 10 | Affected Software: 5

GithubExploit
added 2025/04/06 3:49 a.m. | 866 views

Exploit for CVE-2025-2783

CVE-2025-2783 Simulated PoC for CVE-2025-2783 — a sandbox esca...

CVSS 8.3 | AI score 7.5 | EPSS 0.08557
Exploits: 5

SUSE CVE
added 2025/04/02 8:57 a.m. | 1 views

SUSE CVE-2025-21947

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request. req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. req->handle from ksmbd_ipc_login_request and FSCTL_PIPE_TRANSCEIVE ioctl can be same and ...

CVSS 8.1 | AI score 7.6 | EPSS 0.00312
Exploits: 0 | References: 3

OSV
added 2025/04/01 4:15 p.m. | 3 views

AZL-59862 CVE-2025-21947 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipc_msg_send_request. req->handle is allocated using ksmbd_acquire_id(&ipc_ida), based on ida_alloc. req->handle from ksmbd_ipc_login_request and FSCTL_PIPE_TRANSCEIVE ioctl can be same and ...

CVSS 4.7 | AI score 6.6 | EPSS 0.00312
Exploits: 0 | References: 1