334 matches found
Ask What Your Country Can Do for You: Towards a Public Red Teaming Model
AI systems have the potential to produce both benefits and harms, but without rigorous and ongoing adversarial evaluation, AI actors will struggle to assess the breadth and magnitude of the AI risk surface. Researchers from the field of systems design have developed several effective sociotechnic...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-404875)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-404875 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200atacommand The isd200 sub-driver in...
EUVD-2025-29059
Malicious code in bioql PyPI...
EUVD-2025-14676
Malicious code in bioql PyPI...
EUVD-2021-30904
Malicious code in bioql PyPI...
UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors
Companies in the legal services, software-as-a-service SaaS providers, Business Process Outsourcers BPOs, and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity, attributed to UNC52...
Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data...
PT-2025-38520
Westermo Network Technologies has identified a severe command injection vulnerability in its WeOS 5 operating system that could allow attackers to execute unauthorized commands remotely. Key Points: - A CVSS v4 score of 8.7 indicates a high risk of exploitation. - Remote attackers with...
block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
...
CVE-2025-39795
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
SUSE CVE-2025-39795
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
CVE-2025-39795
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
AZL-67337 CVE-2025-39795 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
AZL-74691 CVE-2025-39795 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
DEBIAN-CVE-2025-39795
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
UBUNTU-CVE-2025-39795
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
CVE-2025-39795
CVE-2025-39795 involves a kernel block layer (blk_stack_limits) overflow where chunk_sectors could exceed an unsigned int when interpreted in bytes. The concrete fix, documented in multiple advisories (e.g., Ubuntu USN entries and Oracle/Linux ELSA/DLA), changes the validation to operate on secto...
CVE-2025-39795 block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
CVE-2025-39795 block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
CVE-2025-39792 dm: Always split write BIOs to zoned device limits
In the Linux kernel, the following vulnerability has been resolved: dm: Always split write BIOs to zoned device limits Any zoned DM target that requires zone append emulation will use the block layer zone write plugging. In such case, DM target drivers must not split BIOs using dmacceptpartialbio...