CVE-2022-49849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in devargsmatchdevice syzkaller found a failed assertion: assertion failed: args-devid != u64-1 || args-missing, in fs/btrfs/volumes.c:6921 This can be triggered when we set devid to u64-1 by ioctl. I...

CVE-2022-49845 can: j1939: j1939_send_one(): fix missing CAN header initialization

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sendone: fix missing CAN header initialization The read access to struct canxlframe::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled elements in struct canframe...

CVE-2022-49844

The collection confirms CVE-2022-49844 affects the Linux kernel CAN subsystem. The issue arises from reading priv->ctrlmode in virtual CAN interfaces (e.g., vcan, vxcan) when some interfaces do not create struct can_priv at startup, causing an out-of-bounds read and CAN frame drops. The refere...

CVE-2022-49838 sctp: clear out_curr if all frag chunks of current msg are pruned

In the Linux kernel, the following vulnerability has been resolved: sctp: clear outcurr if all frag chunks of current msg are pruned A crash was reported by Zhen Chen: listdel corruption, ffffa035ddf01c18-next is NULL WARNING: CPU: 1 PID: 250682 at lib/listdebug.c:49 listdelentryvalid+0x59/0xe0...

CVE-2022-49808

CVE-2022-49808 concerns the Linux kernel net: dsa teardown path where tagger-owned storage could leak on unbind. The provided description explains the root cause: in the dsa switch teardown path, tag_ops->disconnect was not properly dismantled during normal driver teardown, risking use-after-f...

CVE-2022-49788 misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...

CVE-2022-49774 KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvmxeneventfdassign Should not call eventfdctxput in case of error. Introduce new goto target instead. - Paolo...

CVE-2022-49775 tcp: cdg: allow tcp_cdg_release() to be called multiple times

In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcpcdgrelease to be called multiple times Apparently, mptcp is able to call tcpdisconnect on an already disconnected flow. This is generally fine, unless current congestion control is CDG, because it might trigger...

GHSA-8X27-JWJR-8545 SQL injection in ADOdb PostgreSQL driver pg_insert_id() method

Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pginsertid with user-supplied data. Note that the indicated Severity corresponds to a worst-case usage scenario. Impact PostgreSQL...

CVE-2025-37742

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap allocated in the diMount function syzbot reports that hexdumptobuffer is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in...

UBUNTU-CVE-2025-23149

In the Linux kernel, the following vulnerability has been resolved: tpm: do not start chip while suspended Checking TPMCHIPFLAGSUSPENDED after the call to tpmfindgetops can lead to a spurious tpmchipstart call: 35985.503771 i2c i2c-1: Transfer while suspended 35985.503796 WARNING: CPU: 0 PID: 74 ...

CVE-2025-37747

In the Linux kernel, the following vulnerability has been resolved: perf: Fix hang while freeing sigtrap event Perf can hang while freeing a sigtrap event if a related deferred signal hadn't managed to be sent before the file got closed: perfeventoverflow taskworkaddperfpendingtask fput...

PT-2025-18477 · D Link · D-Link Dir-816

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 version A2V1.1.0B05 Description: The issue is related to a command injection in iptablesWebsFilterRun, allowing remote attackers to execute arbitrary commands via the shell. This enables attackers to potentially gain unauthoriz...

PT-2025-18666 · Totolink · Totolink Ca600-Poe

Name of the Vulnerable Software and Affected Versions: TOTOLINK CA600-PoE version 5.3c.6665 B20180820 Description: The issue is related to a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This allows attackers to execute arbitrary commands via a crafte...

PT-2025-18346 · NetGear · Netgear Ex6200

Name of the Vulnerable Software and Affected Versions: Netgear EX6200 version 1.0.3.94 Description: A critical issue has been found in the Netgear EX6200, affecting the function sub 3D0BC. The manipulation of the host argument leads to a buffer overflow. This issue can be exploited remotely. The...

PT-2025-18573 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc3-syzkaller-00175-g1118b2049d77 Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the napi schedule prep function, which must be called to ensure ownership of a...

PT-2025-18375 · Unknown · Phpgurukul Boat Booking System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Boat Booking System version 1.0 Description: A critical issue was found in the PHPGurukul Boat Booking System, affecting the file /admin/booking-details.php. The manipulation of the Status argument leads to sql injection. The attac...

PT-2025-18711 · Alanbinu007 · Spring-Boot-Advanced-Projects

Name of the Vulnerable Software and Affected Versions: AlanBinu007 Spring-Boot-Advanced-Projects versions up to 3.1.3 Description: A critical vulnerability was found in AlanBinu007 Spring-Boot-Advanced-Projects, affecting the function uploadUserProfileImage of the file...

PT-2025-18542

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc3+ Description A vulnerability in the Linux kernel has been resolved, specifically in the ata tport add function. The return value of transport add device is not checked, resulting in a null pointer...

PT-2025-18633 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fix of the NULL pointer dereference in rose send frame Description: A NULL pointer dereference issue was found in the Linux kernel, specifically in the rose send frame function. This issue was reported by...