240 matches found

CNVD
added 2025/05/14 12:0 a.m. · 3 views

PCMan FTP Server RECV Command Handler Buffer Overflow Vulnerability

PCMan FTP Server is an open-source FTP server software package from PCMan. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from the RECV command handler failing to properly validate the length of input data, which can be exploited by an attacker to cause a denial of service...

CVSS 9.8 · AI score 7.5 · EPSS 0.00596
Exploits 1 · References 1

SUSE CVE
added 2025/05/07 2:20 a.m. · 1 view

SUSE CVE-2022-49814

In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on sk_receive_queue. sk->sk_receive_queue is protected by skb queue lock, but for KCM sockets its RX path takes mux->rx_lock to protect more than just skb queue. However, kcm_recvmsg() still only grabs the skb que...

CVSS 4.5 · AI score 6.4 · EPSS 0.00128
Exploits 0 · References 4

OSV
added 2025/05/02 4:15 p.m. · 1 view

UBUNTU-CVE-2023-53098

In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function. In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: 19.463299 Unable to handle kernel NULL...

CVSS 5.5 · AI score 6 · EPSS 0.00161
Exploits 0 · References 8

Cvelist
added 2025/05/02 3:55 p.m. · 14 views

CVE-2023-53098 media: rc: gpio-ir-recv: add remove function

In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function. In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: 19.463299 Unable to handle kernel NULL...

EPSS 0.00161
Exploits 0 · References 5

Positive Technologies
added 2025/05/02 12:0 a.m. · 3 views

PT-2025-18862 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the gpio-ir-recv module and occurs when runtime PM is enabled. If runtime PM is enabled, the kernel may...

CVSS 8.8 · AI score 7.4 · EPSS 0.0129
Exploits 2 · References 446

OSV
added 2025/05/01 11:15 p.m. · 3 views

CVE-2025-4183

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RECV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

CVSS 9.8 · AI score 6 · EPSS 0.00596
Exploits 1 · References 4

Cvelist
added 2025/05/01 11:0 p.m. · 25 views

CVE-2025-4183 PCMan FTP Server RECV Command buffer overflow

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RECV Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

CVSS 7.5 · EPSS 0.00596
Exploits 1 · References 4

OSV
added 2025/05/01 3:16 p.m. · 5 views

UBUNTU-CVE-2022-49814

In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on sk_receive_queue. sk->sk_receive_queue is protected by skb queue lock, but for KCM sockets its RX path takes mux->rx_lock to protect more than just skb queue. However, kcm_recvmsg() still only grabs the skb que...

CVSS 4.7 · AI score 5.9 · EPSS 0.00128
Exploits 0 · References 10

BDU FSTEC
added 2025/04/15 12:0 a.m. · 2 views

The vulnerability of the on_frame_recv_callback() function (soup-server-message-io-http1.c) in the GNOME graphical interface library libsoup allows an attacker to cause a service failure.

The vulnerability of the on_frame_recv_callback() function (soup-server-message-io-http1.c) in the GNOME graphical interface library libsoup is related to incorrect interpretation of input data when processing pseudoheaders such as :scheme, :authority, and :path. Exploitation of this vulnerability could...

CVSS 7.8 · AI score 7.2 · EPSS 0.00481
Exploits 0 · References 7 · Affected Software 3

SUSE Linux
added 2025/04/03 11:15 a.m. · 1 view

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table bsc1233023. CVE-2024-41062: Sync sock recv cb and release bsc1228578. CVE-2022-48791: Fix use-after-fr...

CVSS 7.8 · AI score 8 · EPSS 0.00248
Exploits 0 · References 12

OSV
added 2025/03/20 12:32 p.m. · 1 view

GHSA-PGR7-MHP5-FGJP vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object

vllm-project vllm version 0.6.0 contains a vulnerability in the distributed training API. The function vllm.distributed.GroupCoordinator.recv_object deserializes received object bytes using pickle.loads without sanitization, leading to a remote code execution vulnerability. Maintainer perspective...

CVSS 9.8 · AI score 6.5
Exploits 0 · References 6

Snyk
added 2025/03/19 3:55 p.m. · 1 view

Deserialization of Untrusted Data

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the MooncakePipe class, which relies on pickle for serialization and deserialization in recv_tensor. An attacker...

CVSS 10 · AI score 7.9 · EPSS 0.0082
Exploits 0 · References 2

OSV
added 2025/02/26 7:1 a.m. · 1 view

UBUNTU-CVE-2022-49407

In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read. This patch fixes an invalid read showed by KASAN. A unlock will allocate a "struct plock_op" and a followed send_op() will append it to a global send_list data structure. In some cases a followed dev_read()...

CVSS 7.1 · AI score 6.2 · EPSS 0.00284
Exploits 0 · References 12

Vulnrichment
added 2024/12/24 11:28 a.m. · 2 views

CVE-2024-53151 svcrdma: Address an integer overflow

In the Linux kernel, the following vulnerability has been resolved: svcrdma: Address an integer overflow Dan Carpenter reports: Commit 78147ca8b4a9 "svcrdma: Add a "parsed chunk list" data structure" from Jun 22, 2020 linux-next, leads to the following Smatch static checker warning:...

AI score 7.8 · EPSS 0.00259
Exploits 0 · References 6

Cvelist
added 2024/12/02 1:44 p.m. · 14 views

CVE-2024-53118 vsock: Fix sk_error_queue memory leak

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix sk_error_queue memory leak. Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recv()ed. To prevent memory leaks, clean up the queue when the socket is destroyed...

EPSS 0.00199
Exploits 0 · References 2

Cvelist
added 2024/11/07 9:31 a.m. · 13 views

CVE-2024-50169 vsock: Update rx_bytes on read_skb()

In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb(). Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after vsock_transport::read_skb(). While here, also inform the peer that we'v...

EPSS 0.00213
Exploits 0 · References 3

CVE
added 2024/11/07 9:31 a.m. · 159 views

CVE-2024-50169

CVE-2024-50169 is a Linux kernel vulnerability in virtio_vsock/rx accounting. The connected Nessus entry confirms a concrete fix: after vsock read_skb(), the kernel now updates rx_bytes via virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() to keep rx_bytes in sync with dequeued pack...

CVSS 5.5 · AI score 5.2 · EPSS 0.00213
Exploits 0 · References 3 · Affected Software 1

OSV
added 2024/11/07 9:31 a.m. · 12 views

CVE-2024-50169 vsock: Update rx_bytes on read_skb()

In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb(). Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after vsock_transport::read_skb(). While here, also inform the peer that we'v...

CVSS 5.5 · AI score 6.2 · EPSS 0.00213
Exploits 0 · References 6

OSV
added 2024/10/25 3:25 p.m. · 2 views

CLSA-2024-1729869774 kernel: Fix of 12 CVEs

- ftrace: Fix possible use-after-free issue in ftrace_location() (CVE-2024-38588)
- ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() (CVE-2024-38588)
- ftrace: Store the order of pages allocated in ftrace_page (CVE-2024-38588)
- ftrace: Check if pages were allocated before calling...

CVSS 7.8 · AI score 6.8 · EPSS 0.00299
Exploits 0 · References 1

OSV
added 2024/10/21 12:15 p.m. · 1 view

DEBIAN-CVE-2024-47711

In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't return OOB skb in manage_oob(). syzbot reported use-after-free in unix_stream_recv_urg(). [0] The scenario is 1. send(MSG_OOB) 2. recv(MSG_OOB) -> The consumed OOB remains in recv queue 3. send(MSG_OOB) 4. recv() -> manage_oob() returns the...

CVSS 7.8 · AI score 6.3 · EPSS 0.00206
Exploits 0 · References 1