Aggregator

A vulnerability was found in Linux Kernel up to 6.6.83/6.12.19/6.13.7. It has been declared as critical. Impacted is the function corrupt_bio_byte. Such manipulation leads to memory corruption. This vulnerability is traded as CVE-2025-21966. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.6.83/6.12.19/6.13.7. The impacted element is the function ksmbd_free_work_struct. Executing a manipulation can lead to use after free. This vulnerability is handled as CVE-2025-21967. The attack can only be done within the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.19/6.13.7. It has been rated as critical. The affected element is the function scx_bpf_select_cpu_dfl. Performing a manipulation results in denial of service. This vulnerability is known as CVE-2025-21965. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is advised.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. This affects an unknown function of the component cifs. The manipulation results in integer overflow. This vulnerability is identified as CVE-2025-21963. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. This impacts an unknown function of the component cifs. This manipulation causes integer overflow. This vulnerability is tracked as CVE-2025-21964. The attack is only possible within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.19/6.13.7 and classified as problematic. This affects the function xdp_update_skb_shared_info of the file net/core/skbuff.c. Such manipulation leads to privilege escalation. This vulnerability is traded as CVE-2025-21961. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. It has been declared as problematic. Affected is an unknown function of the component cifs. Executing a manipulation can lead to integer overflow. This vulnerability is handled as CVE-2025-21962. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.12.19/6.13.7. Affected by this issue is the function ovs_ct_set_labels. The manipulation results in allocation of resources. This vulnerability was named CVE-2025-21958. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. It has been rated as problematic. Affected by this vulnerability is the function bnxt_xdp_build_skb in the library /include/linux/skbuff.h. The manipulation of the argument ip_summed leads to reachable assertion. This vulnerability is uniquely identified as CVE-2025-21960. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. It has been classified as problematic. This impacts the function insert_tree of the file net/netfilter/nf_conncount.c. Performing a manipulation results in improper initialization. This vulnerability is known as CVE-2025-21959. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. Impacted is the function normalized_pix_clk of the component AMD Display. The manipulation leads to privilege escalation. This vulnerability is documented as CVE-2025-21956. The attack requires being on the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. The affected element is an unknown function of the file qla1280.c. The manipulation of the argument DEBUG_QLA1280 results in null pointer dereference. This vulnerability is reported as CVE-2025-21957. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

Submit #749157 / VDB-185285

本文针对CTF自动化解题中大语言模型输出随机性问题，提出基于错误分类的失败重试调度器。调度器将失败分为schema fail、hallucination、tool fail三大类，通过状态机管理候选生成、验证、执行、重试的完整生命周期，结合并行候选生成与语义去重机制，将LLM的随机性转化为可预测、可验证的稳定产出。

Submit #749095 / VDB-271995

Все версии vm2 ниже 3.10.2 уязвимы к атаке.

Submit #749037 / VDB-185279

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.19/6.13.7. This affects the function ip_proto of the component netmem. Performing a manipulation results in memory leak. This vulnerability is reported as CVE-2025-21954. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.83/6.12.19/6.13.7 and classified as problematic. The impacted element is the function ksmbd_work. This manipulation causes privilege escalation. This vulnerability appears as CVE-2025-21955. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability described as critical has been identified in Linux Kernel up to 6.13.6. This affects the function corsair_void_process_receiver. Such manipulation leads to denial of service. This vulnerability is listed as CVE-2025-21952. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.