Aggregator

CVE-2025-21925 | Linux Kernel up to 6.13.6 net/llc/llc_s_ac.c skb_get state issue (Nessus ID 234309 / WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability described as problematic has been identified in Linux Kernel up to 6.13.6. This impacts the function skb_get of the file net/llc/llc_s_ac.c. Executing manipulation can lead to state issue. This vulnerability appears as CVE-2025-21925. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-21924 | Linux Kernel up to 5.15.178/6.1.130/6.6.82/6.12.18/6.13.6 hclge_ptp_get_cycle initialization (Nessus ID 234309 / WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability has been found in Linux Kernel up to 5.15.178/6.1.130/6.6.82/6.12.18/6.13.6 and classified as problematic. This impacts the function hclge_ptp_get_cycle. This manipulation causes improper initialization. This vulnerability is handled as CVE-2025-21924. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2025-21960 | Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7 /include/linux/skbuff.h bnxt_xdp_build_skb ip_summed assertion (Nessus ID 234309 / WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability was found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. It has been rated as problematic. Affected by this vulnerability is the function bnxt_xdp_build_skb in the library /include/linux/skbuff.h. The manipulation of the argument ip_summed leads to reachable assertion. This vulnerability is uniquely identified as CVE-2025-21960. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2025-21970 | Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7 mlx5_esw_bridge_lag_rep_get initialization (Nessus ID 234309 / WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. Affected by this vulnerability is the function mlx5_esw_bridge_lag_rep_get. Performing manipulation results in improper initialization. This vulnerability is cataloged as CVE-2025-21970. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-21956 | Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7 AMD Display normalized_pix_clk privilege escalation (EUVD-2025-9364 / Nessus ID 234309)

Vuldb Updates
1 week 1 day ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.131/6.6.83/6.12.19/6.13.7. Impacted is the function normalized_pix_clk of the component AMD Display. The manipulation leads to privilege escalation. This vulnerability is documented as CVE-2025-21956. The attack requires being on the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

INC

Dark Feed IO
1 week 1 day ago

You must login to view this content

cohenido

Defending DNS with Infoblox and Protective DNS

Security Boulevard
1 week 1 day ago

For too long, we’ve treated DNS as a simple utility. It’s just a phonebook for the internet, right? Treating it that way is a mistake. Nearly every single malicious action, whether it’s a phishing link, a command-and-control (C2) callback, or data exfiltration, starts with a DNS query. It is integral to the attacker workflow. So,..

The post Defending DNS with Infoblox and Protective DNS appeared first on Security Boulevard.

Tom Hollingsworth

CVE-2025-21896 | Linux Kernel up to 6.13.5 fuse __readahead_folio information disclosure (WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.13.5. This affects the function __readahead_folio of the component fuse. Such manipulation leads to information disclosure. This vulnerability is listed as CVE-2025-21896. The attack must be carried out from within the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-21897 | Linux Kernel up to 6.12.17/6.13.5 sched_ext pick_task_scx deadlock (Nessus ID 250071 / WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability was found in Linux Kernel up to 6.12.17/6.13.5 and classified as critical. The impacted element is the function pick_task_scx of the component sched_ext. The manipulation results in deadlock. This vulnerability was named CVE-2025-21897. The attack needs to be approached within the local network. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-21899 | Linux Kernel up to 6.1.129/6.6.80/6.12.17/6.13.5 tracing event_trigger_write incorrect regex (Nessus ID 234309 / WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability was found in Linux Kernel up to 6.1.129/6.6.80/6.12.17/6.13.5. It has been declared as problematic. This impacts the function event_trigger_write of the component tracing. Such manipulation leads to incorrect regular expression. This vulnerability is referenced as CVE-2025-21899. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-53029 | Linux Kernel up to 5.15.90/6.1.7 put_cpu perpcu allocation of resources (WID-SEC-2025-0649)

Vuldb Updates
1 week 1 day ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.15.90/6.1.7. Affected is the function put_cpu. This manipulation of the argument perpcu causes allocation of resources. The identification of this vulnerability is CVE-2023-53029. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2023-53030 | Linux Kernel up to 5.15.90/6.1.7 Memory Allocation include/linux/sched/mm.h in_atomic allocation of resources (WID-SEC-2025-0649)

Vuldb Updates
1 week 1 day ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.15.90/6.1.7. The impacted element is the function in_atomic in the library include/linux/sched/mm.h of the component Memory Allocation Handler. Executing manipulation can lead to allocation of resources. This vulnerability is tracked as CVE-2023-53030. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2023-53033 | Linux Kernel up to 5.10.163/5.15.88/6.1.6 nft_payload privilege escalation (Nessus ID 241018 / WID-SEC-2025-0649)

Vuldb Updates
1 week 1 day ago
A vulnerability was found in Linux Kernel up to 5.10.163/5.15.88/6.1.6. It has been classified as problematic. Affected by this vulnerability is an unknown functionality of the component nft_payload. Performing manipulation results in privilege escalation. This vulnerability is cataloged as CVE-2023-53033. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2023-53031 | Linux Kernel up to 5.4.228/5.10.163/5.15.88/6.1.6 Performance Counters in_atomic state issue (Nessus ID 246671 / WID-SEC-2025-0649)

Vuldb Updates
1 week 1 day ago
A vulnerability identified as problematic has been detected in Linux Kernel up to 5.4.228/5.10.163/5.15.88/6.1.6. This affects the function in_atomic of the component Performance Counters. The manipulation leads to state issue. This vulnerability is listed as CVE-2023-53031. The attack must be carried out from within the local network. There is no available exploit. You should upgrade the affected component.
vuldb.com

CVE-2025-21903 | Linux Kernel up to 6.12.18/6.13.6 mctp i3c null pointer dereference (Nessus ID 241070 / WID-SEC-2025-0683)

Vuldb Updates
1 week 1 day ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.18/6.13.6. Affected by this vulnerability is an unknown functionality of the component mctp i3c. The manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2025-21903. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

Managed ad