CVE-2025-2857 Incorrect handle could lead to sandbox escapes

Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...

CVE-2025-2857

Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...

The vulnerability of the `ipc_devlink_create_region()` function in the Linux kernel component allows a hacker to trigger a service failure.

The vulnerability of the ipcdevlinkcreateregion function in the Linux kernel component is related to improper input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

SUSE CVE-2025-21847

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...

CVE-2025-21847

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...

DEBIAN-CVE-2025-21847

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...

AZL-58544 CVE-2025-21847 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...

CVE-2025-21847

CVE-2025-21847 concerns the Linux kernel ASoC: SOF path — stream-ipc handling. The root cause is a missing NULL check for sps->cstream in sof_ipc_msg_data(), which can lead to a NULL pointer dereference if sps->stream is NULL or cstream is NULL. The issue is mitigated by the published patch...

CVE-2025-21847

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: stream-ipc: Check for cstream nullity in sofipcmsgdata The nullity of sps-cstream should be checked similarly as it is done in sofsetstreamdataoffset function. Assuming that it is not NULL if sps-stream is NULL is...

CVE-2025-25680

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuyaipcdirectconnect function of the anykaipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera...

CVE-2024-56181

A vulnerability has been identified in SIMATIC Field PG M5 All versions, SIMATIC IPC BX-21A All versions V31.01.07, SIMATIC IPC BX-32A All versions V29.01.07, SIMATIC IPC BX-39A All versions V29.01.07, SIMATIC IPC BX-59A All versions V32.01.04, SIMATIC IPC PX-32A All versions V29.01.07, SIMATIC I...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free in WebTransportChild CVE-2025-1931 firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process CVE-2025-1930 firefox:...

CVE-2025-20206 Cisco Secure Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability

A vulnerability in the interprocess communication IPC channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This...

SUSE CVE-2025-1930

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird...

Linux Distros Unpatched Vulnerability : CVE-2024-3056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least o...

CVE-2025-1930

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

SUSE CVE-2025-21748

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix integer overflows on 32 bit systems On 32bit systems the addition operations in ipcmsgalloc can potentially overflow leading to memory corruption. Add bounds checking using KSMBDIPCMAXPAYLOAD to avoid overflow...