UBUNTU-CVE-2022-49333

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...

CVE-2022-49659 can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...

CVE-2022-49659 can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...

CVE-2022-49659

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...

CVE-2022-49340

The CVE-2022-49340 entry concerns the Linux kernel GRE/IPGRE path. A vulnerability existed where GRE with TUNNEL_CSUM could mishandle local checksum offload if the csum_start check ran in an inappropriate context. The root cause involved skb_checksum_start checks in the ipgre_xmit flow and the ha...

CVE-2022-49340 ip_gre: test csum_start instead of transport header

In the Linux kernel, the following vulnerability has been resolved: ipgre: test csumstart instead of transport header GRE with TUNNELCSUM will apply local checksum offload on CHECKSUMPARTIAL packets. ipgrexmit must validate csumstart after an optional skbpull, else lcocsum may trigger an overflow...

PT-2025-8386 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, specifically in the dpaa2-eth component. The issue arises when the TSO header is DMA unmapped before retrieving the virtual...

CVE-2025-22676 WordPress Upcasted S3 Offload plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in upcasted AWS S3 for WordPress Plugin – Upcasted upcasted-s3-offload allows Stored XSS.This issue affects AWS S3 for WordPress Plugin – Upcasted: from n/a through = 3.0.3...

CVE-2025-22676 WordPress Upcasted S3 Offload plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in upcasted AWS S3 for WordPress Plugin – Upcasted allows Stored XSS. This issue affects AWS S3 for WordPress Plugin – Upcasted: from n/a through 3.0.3...

Huawei EulerOS: Security Advisory for dpdk (EulerOS-SA-2025-1154)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-43256

Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Leopard - WordPress offload media: from n/a through 2.0.36...

CVE-2024-10589

The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the importsettings function in all versions up to, and including, 3.1.1. This makes it possible for authenticate...

WordPress Upcasted S3 Offload plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin AWS S3 for WordPress Plugin – Upcasted versions = 3.0.3...

PT-2025-25814

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns the Linux kernel, specifically the net/mlx5e driver. When attempting to enable MQPRIO while HTB offload is already configured, the driver returns -EINVAL and triggers ...

SUSE CVE-2025-21682

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: ip li set dev eth0 xdp obj xdpdummy.bpf.o sec xdp ip li set dev eth0 xdp off ethtool -k eth0 | grep gro...

DEBIAN-CVE-2025-21682

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: ip li set dev eth0 xdp obj xdpdummy.bpf.o sec xdp ip li set dev eth0 xdp off ethtool -k eth0 | grep gro...

DEBIAN-CVE-2025-21674

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel Attempt to enable IPsec packet offload in tunnel mode in debug kernel generates the following kernel panic, which is happening due to two issues: 1. In SA ad...

CVE-2025-21682 eth: bnxt: always recalculate features after XDP clearing, fix null-deref

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: ip li set dev eth0 xdp obj xdpdummy.bpf.o sec xdp ip li set dev eth0 xdp off ethtool -k eth0 | grep gro...

CVE-2025-21674 net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel Attempt to enable IPsec packet offload in tunnel mode in debug kernel generates the following kernel panic, which is happening due to two issues: 1. In SA ad...

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from the bnxt driver not properly recalculating network device characteristics after XDP is disabled, which...