CVE-2022-50579

CVE-2022-50579 affects the Linux kernel on arm64 with ftrace when modules use PLTs and mcount. The issue arises from a kata of the ftrace PLT handling after commit a6253579, where ftrace_make_nop() assumes the callsite uses the kernel trampoline PLT while module PLTs may be out-of-range. As modul...

CVE-2022-50579 arm64: ftrace: fix module PLTs with mcount

In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: fix module PLTs with mcount Li Huafei reports that mcount-based ftrace with module PLTs was broken by commit: a6253579977e4c6f "arm64: ftrace: consistently handle PLTs." When a module PLTs are used and a module is...

CVE-2025-59056 FreePBX vulnerable to unauthenticated Denial of Service

FreePBX is an open-source web-based graphical user interface. In FreePBX 15, 16, and 17, malicious connections to the Administrator Control Panel web interface can cause the uninstall function to be triggered for certain modules. This function drops the module's database tables, which is where mo...

CVE-2025-59056

CVE-2025-59056 affects FreePBX versions 15 (15.0.0–15.0.37), 16 (16.0.0–16.0.40), and 17 (17.0.0–17.0.20). The root cause is that malicious connections to the Administrator Control Panel web interface can trigger the uninstall function for certain modules, which then drops the module databases wh...

FreePBX 路径遍历漏洞

FreePBX formerly known as Asterisk Management Portal is a suite of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A path traversal vulnerability exists in FreePBX versions 15, 16, and 17, which stems from a malicious...