CVE-2025-65565

CVE-2025-65565 affects the omec-project UPF pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request missing the mandatory F-SEID Information Element can cause the session establishment handler to call IE.FSEID() on a nil pointer, triggering a panic and terminating the UP...

CVE-2025-65563

CVE-2025-65563 affects omec-project UPF (upf-epc/pfcpiface). A NULL pointer dereference occurs in the association setup handler when a PFCP Association Setup Request omits the mandatory NodeID Information Element, causing a panic and UPF process termination. An attacker able to send PFCP Associat...

CVE-2025-65562

The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID e.g., 0xFFFFFFFFFFFFFFFF that causes an integer conversion/underflow in LocalNode.DeleteSess /...

CVE-2025-65562

The CVE-2025-65562 issue affects the free5GC UPF component, where a lack of bounds checking on the SEID during PFCP Session Deletion requests can trigger a Go runtime panic and denial of service. Specifically, processing a very large SEID (for example, 0xFFFFFFFFFFFFFFFF) can cause an integer con...

CVE-2025-65566

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element, the session report handler dereferences a nil pointer instead ...

PT-2025-52286

Name of the Vulnerable Software and Affected Versions free5GC UPF versions prior to 4.1.0 Description The free5GC UPF is susceptible to a denial of service due to insufficient bounds checking on the Session ID SEID when handling PFCP Session Deletion Requests. An unauthenticated remote attacker c...

PT-2025-52289

Name of the Vulnerable Software and Affected Versions omec-project UPF version 2.1.3-dev Description A denial-of-service issue exists in the omec-project UPF pfcpiface component. Specifically, when a PFCP Session Establishment Request is sent to the UPF’s N4/PFCP endpoint without the mandatory...

CVE-2025-65565

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991277 advisory. A race condition was found in the Linux kernel's drm/exynos device driver inexynosdrmcrtcatomicdisable function. This can result in a null pointer dereference issue,...

CVE-2025-67897

A flaw was found in Sequoia. This vulnerability allows a remote attacker to crash an application via sending a victim an encrypted message with a crafted Public Key Encrypted Session Key PKESK or Symmetric Key Encrypted Session Key SKESK packet, which causes aeskeyunwrap to panic when processing ...

kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability

A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...

SUSE CVE-2025-68173

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftracemoduleenable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls to kallsymslookup can spend too much time in RCU critical section and...

SUSE CVE-2025-68192

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: initialize MAC header offset in qmimuxrxfixup Raw IP packets have no MAC header, leaving skb-macheader uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystems access the offset due ...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the flatten, min, max, mean, and median functions when processing deeply nested or cyclic data structures. An attacker can cause the application to crash by supplying maliciously...

EUVD-2025-203760

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

CVE-2025-68309

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

CVE-2025-68301

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix fragment overflow handling in RX path The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds write in...

UBUNTU-CVE-2025-68309

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

CVE-2025-68309

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

CVE-2025-68301

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix fragment overflow handling in RX path The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds write in...