UBUNTU-CVE-2025-22087

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with maygoto maygoto uses an additional 8 bytes on the stack, which causes the interpreters array to go out of bounds when calculating index by stacksize. 1. If a BPF program is rewritten, re-evaluate...

UBUNTU-CVE-2025-22105

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

Following the News: MITRE’s Common Vulnerabilities and Exposures (CVE) Funding

The current situation On April 16, CISA extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures CVE program. This was in response to a letter sent by MITRE on April 15 to CVE board members warning of a potential issue with MITRE's support for the CVE...

CVE-2025-22105 bonding: check xdp prog when set bond mode

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

CVE-2025-22105

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

CVE-2025-22105

CVE-2025-22105 affects the Linux kernel bonding driver. When an XDP program is attached to a bonded interface, changing the bond mode may trigger a warning inside bond_xdp_set. The fix adds a check for the presence of an XDP program when setting bond mode, since some modes (e.g., balance-rr with ...

CVE-2025-22105 bonding: check xdp prog when set bond mode

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

CVE-2025-22087 bpf: Fix array bounds error with may_goto

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with maygoto maygoto uses an additional 8 bytes on the stack, which causes the interpreters array to go out of bounds when calculating index by stacksize. 1. If a BPF program is rewritten, re-evaluate...

U.S. Govt. Funding for MITRE's CVE Ends April 16, Cybersecurity Community on Alert

The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures CVE program will expire Wednesday, an unprecedented development that could shake up one of the foundational pillars of the global cybersecurity ecosystem. The 25-year-o...

Funding Expires for Key Cyber Vulnerability Database

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check the xdp program when setting bond mode, which could result in warnings or undefined behavior...

PT-2025-16907 · Unknown · Softether Vpn

Name of the Vulnerable Software and Affected Versions: SoftEtherVPN versions 5.02.5184 through 5.02.5187 Description: The issue is related to a NULL dereference in the DeleteIPv6DefaultRouterInRA function called by StorePacket. This occurs because DeleteIPv6DefaultRouterInRA does not account for...

ZkFuzz: Foundation and Framework for Effective Fuzzing of Zero-Knowledge Circuits

Zero-knowledge ZK circuits enable privacy-preserving computations and are central to many cryptographic protocols. Systems like Circom simplify ZK development by combining witness computation and circuit constraints in one program. However, even small errors can compromise security of ZK programs...

CVE-2025-31344

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2...

DEBIAN-CVE-2025-31344

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2...

CVE-2025-31344 The giflib open-source component has a buffer overflow vulnerability

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2...

CVE-2025-31344

Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2...

CVE-2025-32696

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1...

CVE-2025-32697

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki:...

GHSA-M454-3XV7-QJ85 CVE-2025-1386- Query smuggling in ch-go library

Impact When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream. Patches If you are using ch-go library, we...