254 matches found
DEBIAN-CVE-2025-37945
In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsaswitchsuspend and dsaswitchresume from their device PM ops: qca8k-8xxx, bcmsf2, microchip ksz...
UBUNTU-CVE-2025-37945
In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsaswitchsuspend and dsaswitchresume from their device PM ops: qca8k-8xxx, bcmsf2, microchip ksz...
CVE-2025-37945 net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY
In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsaswitchsuspend and dsaswitchresume from their device PM ops: qca8k-8xxx, bcmsf2, microchip ksz...
CVE-2025-37945
CVE-2025-37945 — Linux kernel (net/phy, DSA) Affects MDIO bus PM ops for phylink-controlled PHYs. In drivers without MAC-managed PM, mdio_bus_phy_suspend() did not call phy_stop_machine() because phylink’s phydev->adjust_link is NULL, so the PHY state machine kept running. Consequently, mdio_b...
An Automated Blackbox Noncompliance Checker for QUIC Server Implementations
We develop QUICtester, an automated approach for uncovering non-compliant behaviors in the ratified QUIC protocol implementations RFC 9000/9001. QUICtester leverages active automata learning to abstract the behavior of a QUIC implementation into a finite state machine FSM representation. Unlike...
Measuring Security in 5G and Future Networks
In today's increasingly interconnected and fast-paced digital ecosystem, mobile networks, such as 5G and future generations such as 6G, play a pivotal role and must be considered as critical infrastructures. Ensuring their security is paramount to safeguard both individual users and the industrie...
Malicious code in start-state-machine (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 817dc6cbfa89267c683591874924c9aaf14005ca7e5da82c2d7ee55fccb52c76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the FSM component of Intel microprogramming systems, which allows a hacker to trigger a service failure.
The vulnerability of the FSM component in Intel microprogramming systems relates to the checking of incorrect conditions. Exploiting this vulnerability can allow attackers to cause malfunctions in the system’s operation...
CVE-2025-25774
An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service DoS...
PT-2025-11111 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: Open5GS version 2.7.2 Description: An issue in Open5GS can cause an exception in the AMF's internal state machine when a UE switches between two gNBs and sends a handover request at a specific time. This can lead to an AMF crash, resulting in...
SUSE CVE-2022-49655
In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscacheinvalidate will be asked to invalidate the file - however, if the cookie is in the LOOKINGUP state or the CREATING state, then request ...
DEBIAN-CVE-2022-49730
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted A use-after-free crash can occur after an ELS LOGO is aborted. Specifically, a nodelist structure is freed and then ndlp-vport-cfglogverbose is dereferenced in...
DEBIAN-CVE-2022-49655
In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscacheinvalidate will be asked to invalidate the file - however, if the cookie is in the LOOKINGUP state or the CREATING state, then request ...
UBUNTU-CVE-2022-49655
In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscacheinvalidate will be asked to invalidate the file - however, if the cookie is in the LOOKINGUP state or the CREATING state, then request ...
CVE-2022-49730 scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted A use-after-free crash can occur after an ELS LOGO is aborted. Specifically, a nodelist structure is freed and then ndlp-vport-cfglogverbose is dereferenced in...
Intel Processors 安全漏洞
Intel Processors are a family of processors from Intel Corporation USA. A security vulnerability exists in Intel Processors that stems from a Finite State Machine FSM design flaw that could allow a privileged user to trigger a denial of service via local access...
CVE-2025-24371
CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an FSM command timeout...
The vulnerability of the FSM component of Intel microprogramming systems, which allows a hacker to trigger a service failure.
The vulnerability of the FSM component in Intel microprogramming systems relates to the checking of incorrect conditions. Exploiting this vulnerability can allow attackers to cause malfunctions in the system’s operation...
SUSE CVE-2024-49998
In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...