CVE-2025-24934

CVE-2025-24934 affects FreeBSD kernels. When SO_REUSEPORT_LB is used and a socket is connected, the kernel can place it into a load-balancing group and may deliver incoming packets to sockets that are connected to a different host, breaking the contract that connected sockets only receive packets...

CVE-2025-24934 SO_REUSEPORT_LB breaks connect(2) for UDP sockets

Software which sets SOREUSEPORTLB on a socket and then connects it to a host will not directly observe any problems. However, due to its membership in a load-balancing group, that socket will receive packets originating from any host. This breaks the contract of the connect2 and implied connect v...

aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server

Summary The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. Details It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...

External Control of File Name or Path

Overview aiomysql is a MySQL driver for asyncio. Affected versions of this package are vulnerable to External Control of File Name or Path via the LOADLOCAL instruction packet. An attacker can obtain arbitrary files from the client system by setting up a malicious MySQL server that sends crafted...

GHSA-CQ46-M9X9-J8W2 Scapy Session Loading Vulnerable to Arbitrary Code Execution via Untrusted Pickle Deserialization

Summary An unsafe deserialization vulnerability in Scapy Internally, this triggers: python main.py SESSION = pickle.loadgzip.opensessionname, "rb" Since no validation or restriction is performed on the deserialized object, any code embedded via reduce will be executed immediately. This makes it...

CVE-2022-50571

In the Linux kernel, the following vulnerability has been resolved: btrfs: call btrfsremovefreespacecachelocked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------ cut here ------------ WARNING: CPU:...

UBUNTU-CVE-2022-50571

In the Linux kernel, the following vulnerability has been resolved: btrfs: call btrfsremovefreespacecachelocked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------ cut here ------------ WARNING: CPU:...

CVE-2022-50571

CVE-2022-50571 involves the Linux kernel Btrfs path. The issue arises when loading the free-space cache: a temporary free_space_ctl is used during the load to avoid allocations, but on error cleaning up could touch discardable stats without holding the correct lock. The remediation is to invoke _...

CVE-2022-50571 btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure

In the Linux kernel, the following vulnerability has been resolved: btrfs: call btrfsremovefreespacecachelocked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------ cut here ------------ WARNING: CPU:...

CVE-2022-50571 btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure

In the Linux kernel, the following vulnerability has been resolved: btrfs: call btrfsremovefreespacecachelocked on cache load failure Now that lockdep is staying enabled through our entire CI runs I started seeing the following stack in generic/475 ------------ cut here ------------ WARNING: CPU:...

FreeBSD Security Advisory - FreeBSD-SA-25:09.netinet

FreeBSD Security Advisory - Connected sockets are not intended to belong to load-balancing groups. However, the kernel failed to check the connection state of sockets when adding them to load-balancing groups. Furthermore, when looking up the destination socket for an incoming packet, the kernel...

PT-2025-43393

Name of the Vulnerable Software and Affected Versions versions prior to kernel release containing the fix affected versions not specified Description A flaw exists where the kernel does not properly validate the connection state of sockets when adding them to load-balancing groups created using t...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system from the FreeBSD Foundation. A security vulnerability exists in FreeBSD, which stems from the kernel adding sockets to a load balancing group without checking the connection state, and matching load balancing group sockets while connected, which could lead ...

FreeBSD-SA-25:09.netinet

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:09.netinet Security Advisory The FreeBSD Project Topic: SOREUSEPORTLB breaks connect2 for UDP sockets Category: core Module: netinet Announced: 2025-10-22...

PT-2025-43406

Name of the Vulnerable Software and Affected Versions aiomysql versions prior to 0.3.0 Description aiomysql does not properly validate client-side settings before transmitting local files to a MySQL server. This allows a malicious server to request arbitrary files from the client by sending a LOA...

PT-2025-43081

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc8+ Description The Linux kernel contains an issue within the Btrfs file system related to handling free space cache loading failures. Specifically, when an error occurs during cache loading, the btrfs...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to call the btrfsremovefreespacecachelocked function when a cache load fails, which could result...

FreeBSD -- SO_REUSEPORT_LB breaks connect(2) for UDP sockets

Problem Description: Connected sockets are not intended to belong to load-balancing groups. However, the kernel failed to check the connection state of sockets when adding them to load-balancing groups. Furthermore, when looking up the destination socket for an incoming packet, the kernel will...

CVE-2025-62528

Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for a project member to put JavaScript in name or description fields which would run on project load. This issue has been patched in version 1.5.0...

EUVD-2025-35143

Malicious code in webpack-css-load-branch npm...