The First 90 Seconds: How Early Decisions Shape Incident Response Investigations

Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information is incomplete. I have seen IR teams recover from sophisticated intrusions with limited telemetry. I...

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size...

CVE-2025-68251

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters in...

Scaling Patterns in Adversarial Alignment: Evidence from Multi-LLM Jailbreak Experiments

Large language models LLMs increasingly operate in multi-agent and safety-critical settings, raising open questions about how their vulnerabilities scale when models interact adversarially. This study examines whether larger models can systematically jailbreak smaller ones - eliciting harmful or...

Linux Distros Unpatched Vulnerability : CVE-2025-40128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix symbolic link reading when bs ps BUG DURING BS PS TEST When running the following script on a btrfs whose block size is larger than page size, e.g. 8...

EUVD-2025-23789

Malicious code in bioql PyPI...

CVE-2022-50271

CVE-2022-50271 affects the Linux kernel’s vhost/vsock code. The issue arises when copying large files over SFTP over vsock, where data sizes commonly reach 32 kB and kmalloc may allocate many 32 kB chunks, leading to a page allocation failure (example: vhost-5837). The root cause is an inefficien...

CVE-2025-27075

Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host...

CVE-2025-22000 mm/huge_memory: drop beyond-EOF folios with the right number of refs

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: drop beyond-EOF folios with the right number of refs When an after-split folio is large and needs to be dropped due to EOF, folioputrefsfolio, folionrpagesfolio should be used to drop all page cache refs. Otherwise...

Security update for gdb

This update for gdb fixes the following issues: Mention changes in GDB 14: GDB now supports the AArch64 Scalable Matrix Extension 2 SME2, which includes a new 512 bit lookup table register named ZT0. GDB now supports the AArch64 Scalable Matrix Extension SME, which includes a new matrix register...

Malicious code in larger-batch-ctr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 656e9c562903fe04cc05fafcf53492252e227e586138c11099ab475fcde70aee A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

Medium: thunderbird

Issue Overview: A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above CVE-2023-6349 Affected Packages: thunderbird Note:...

CVE-2022-48729

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix panic with larger ipoib sendqueuesize When the ipoib sendqueuesize is increased from the default the following panic happens: RIP: 0010:hfi1ipoibdraintxring+0x45/0xf0 hfi1 Code: 31 e4 eb 0f 8b 85 c8 02 00 00 41 83 c4...

UBUNTU-CVE-2023-6349

A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

CVE-2024-1062 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in logentryattr...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

Important: kernel-livepatch-4.14.322-246.539

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-246.539 Issue Correction: Please...

[SECURITY] Fedora 38 Update: salt-3006.4-1.fc38

Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 6.5.3, which stems from a buffer size that may be insufficient for frames larger than the MTU...