EUVD-2025-20026

Malicious code in bioql PyPI...

bcache: fix NULL pointer in cache_set_flush()

...

CVE-2025-38230

In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount to prevent crashes Validate dbagheight, dbagwidth, and dbagstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...

CVE-2025-38230

In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount to prevent crashes Validate dbagheight, dbagwidth, and dbagstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...

CVE-2025-22062

CVE-2025-22062 affects the Linux kernel SCTP component. The issue arises from missing mutual exclusion in proc_sctp_do_udp_port, risking a crash if calls to sctp_udp_sock_stop() and sctp_udp_sock_start() are serialized improperly. The vulnerability is tied to the SCTP protocol, with proof of impa...

CVE-2024-49568 net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg

In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2extoffset/eidcnt/ismgidcnt when receiving proposal msg When receiving proposal msg in server, the fields v2extoffset/ eidcnt/ismgidcnt in proposal msg are from the remote client and can not be fully trusted...