CVE-2026-37235

FlexRIC v2.0.0 trusts the xapp_id field from E42 payloads without binding it to the sender’s SCTP association. The valid_xapp_id() check only ensures the value is within the assigned range, enabling a remote unauthenticated attacker to impersonate any xApp by supplying their xapp_id in requests t...

CVE-2026-37235

FlexRIC v2.0.0 trusts the xappid field from E42 message payloads without binding it to the sender's SCTP association. The validation function validxappid only checks that the value is within the assigned range. A remote unauthenticated attacker can impersonate any xApp by specifying their xappid ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed the WARNON in the iommu probe path Commit 1a75cc710b95 “iommu/vt-d: Use rbtree to track iommu probed devices” adds all devices probed by the iommu driver into an rbtree indexed by the source ID of each device. I...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The backend for setting the DEAD bit was changed to use the GC transaction API. The GC transaction API replaces the old and buggy gc API and the busy mark approach. No set elements are removed from async...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a traversal bug in ext4mbusepreallocated. During allocation, when searching for pre-allocations PA in the per-inode rbtree, we cannot perform a direct traversal of the tree. This is because...

CVE-2026-41511

OpenMcdf is a fully .NET / C library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File Binary CFB document. A crafted CFB file with a cycle in the...

OpenMcdf 安全漏洞

OpenMcdf is an open-source .NET library for manipulating compound file binary formats. Versions of OpenMcdf prior to 3.1.3 contained security vulnerabilities, which stemmed from undetected loops in the red-black tree used to manage directory entries, potentially leading to infinite loops...

OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle

Summary OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File Binary CFB document. A crafted CFB file with a cycle in the LeftSiblingID / RightSiblingID chain causes Storage.EnumerateEntries and Storage.OpenStream to loop indefinitely, consuming the calling thre...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013099)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013099 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011349)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011349 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38468)

"In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...

CVE-2023-53813

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4mbusepreallocated During allocations, while looking for preallocationsPA in the per inode rbtree, we can't do a direct traversal of the tree because ext4mbdiscardgrouppreallocation can...

EUVD-2025-201869

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in insertextenttree When we get wrong extent info data, and look up extentnode in rb tree, it will cause infinite loop CONFIGF2FSCHECKFS=n. Avoiding this by return NULL and print some kernel messages in th...

CVE-2025-40333 f2fs: fix infinite loop in __insert_extent_tree()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in insertextenttree When we get wrong extent info data, and look up extentnode in rb tree, it will cause infinite loop CONFIGF2FSCHECKFS=n. Avoiding this by return NULL and print some kernel messages in th...

CVE-2023-53813

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4mbusepreallocated During allocations, while looking for preallocationsPA in the per inode rbtree, we can't do a direct traversal of the tree because ext4mbdiscardgrouppreallocation can...

Linux Distros Unpatched Vulnerability : CVE-2025-40271

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should us...

EUVD-2025-201584

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...

DEBIAN-CVE-2025-40271

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...

CVE-2025-40271 fs/proc: fix uaf in proc_readdir_de()

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...

CVE-2025-40271

CVE-2025-40271 affects the Linux kernel fs/proc code. The vulnerability arises in proc_readdir_de() where a node erased from the subdir red-black tree is not cleared (RB_CLEAR_NODE), leaving the pde_subdir_next() path able to return a freed node (UAF). Affected code path: proc_readdir(), pde_get(...