dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

DEBIAN-CVE-2025-22101

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix Tx L4 checksum The hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol. There was a bug to set Tx checksum flag for the other protocol that results in Tx ring hang. Fix to compute software checksu...

UBUNTU-CVE-2025-22101

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix Tx L4 checksum The hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol. There was a bug to set Tx checksum flag for the other protocol that results in Tx ring hang. Fix to compute software checksu...

DEBIAN-CVE-2025-22065

In the Linux kernel, the following vulnerability has been resolved: idpf: fix adapter NULL pointer dereference on reboot With SRIOV enabled, idpf ends up calling into idpfremove twice. First via idpfshutdown and then again when idpfremove calls into sriovdisable, because the VF devices use the id...

UBUNTU-CVE-2025-22061

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix qid report in airohatcgethtbgetleafqueue Fix the following kernel warning deleting HTB offloaded leafs and/or root HTB qdisc in airohaeth driver properly reporting qid in airohatcgethtbgetleafqueue routine. $tc...

SUSE CVE-2025-21970

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEVCHANGEUPPER event is triggered. Driver finds the lower devices PFs to flush all the offloaded entries. And mlx5lagissharedfdb i...

SUSE CVE-2025-21980

In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...

SUSE CVE-2025-21960

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: do not update checksum in bnxtxdpbuildskb The bnxtrxpkt updates ipsummed value at the end if checksum offload is enabled. When the XDP-MB program is attached and it returns XDPPASS, the bnxtxdpbuildskb is called to...

DEBIAN-CVE-2025-21970

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEVCHANGEUPPER event is triggered. Driver finds the lower devices PFs to flush all the offloaded entries. And mlx5lagissharedfdb i...

DEBIAN-CVE-2025-21960

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: do not update checksum in bnxtxdpbuildskb The bnxtrxpkt updates ipsummed value at the end if checksum offload is enabled. When the XDP-MB program is attached and it returns XDPPASS, the bnxtxdpbuildskb is called to...

UBUNTU-CVE-2025-21980

In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...

UBUNTU-CVE-2025-21970

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Bridge, fix the crash caused by LAG state check When removing LAG device from bridge, NETDEVCHANGEUPPER event is triggered. Driver finds the lower devices PFs to flush all the offloaded entries. And mlx5lagissharedfdb i...

UBUNTU-CVE-2025-21960

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: do not update checksum in bnxtxdpbuildskb The bnxtrxpkt updates ipsummed value at the end if checksum offload is enabled. When the XDP-MB program is attached and it returns XDPPASS, the bnxtxdpbuildskb is called to...

CVE-2025-21980 sched: address a potential NULL pointer dereference in the GRED scheduler.

In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...

CVE-2025-21960 eth: bnxt: do not update checksum in bnxt_xdp_build_skb()

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: do not update checksum in bnxtxdpbuildskb The bnxtrxpkt updates ipsummed value at the end if checksum offload is enabled. When the XDP-MB program is attached and it returns XDPPASS, the bnxtxdpbuildskb is called to...

CVE-2025-22360 WordPress WP Azure offload plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in promact WP Azure offload wp-azure-offload allows Reflected XSS.This issue affects WP Azure offload: from n/a through = 2.0...

CVE-2025-22360 WordPress WP Azure offload plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound WP Azure offload allows Reflected XSS. This issue affects WP Azure offload: from n/a through 2.0...

WordPress plugin WP Azure offload 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

UBUNTU-CVE-2023-52991

In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skbsegmentlist Commit 3a1296a38d0c "net: Support GRO/GSO fraglist chaining." introduced UDP listifyed GRO. The segmentation relies on fraglist being untouched when passing through the network stack. This...