Use-after-free in the Linux kernel's Amazon ENA (Elastic Network Adapter) PTP Hardware Clock (PHC) get_timestamp path lets a local low-privileged user trigger a NULL/dangling pointer dereference via a race between timestamp reads and clock teardown. The driver checked phc->active and cached the resp pointer from ena_dev->phc.virt_addr before taking the spinlock, so a concurrent ena_com_phc_destroy() could free the DMA memory and NULL virt_addr mid-operation. With a CVSS of 7.8 (high) but EPSS of only 0.17% (7th percentile), this is a memory-safety race with no public exploit identified at time of analysis; it is fixed upstream and patched in stable releases.
Local privilege escalation and memory corruption in the Linux kernel's Intel Xe DRM graphics driver (drm/xe) arises from a use-after-free in the dma-buf import path, where an error-handling retry loop operates on a buffer object (bo) that has already been freed. Affecting kernel 6.18 series before the 6.18.33 stable fix, a local low-privileged user with access to the Xe DRM device can trigger the freed-object access to corrupt kernel memory or leak data. There is no public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile), consistent with a local-only, driver-specific bug rather than mass-exploited remote flaw.
Local privilege/denial-of-service exposure in the Linux kernel BPF subsystem allows a low-privileged user who can load a device-bound XDP program to trigger a use-after-free during network namespace teardown. When constant blinding is enabled (bpf_jit_harden=2), JIT compilation of a BPF_F_XDP_DEV_BOUND_ONLY program clones the program and frees the original, but offload->prog is left pointing at the freed buffer; later netns cleanup dereferences it. There is no public exploit identified at time of analysis, and the EPSS probability is very low (0.17%), consistent with a config-dependent, non-default code path.
Memory corruption in the Linux kernel BPF arena subsystem (versions 6.9 through pre-patch 7.1) arises because arena_alloc_pages() accepts an attacker-controlled NUMA node_id as a plain int and forwards it through the entire page-allocation chain without bounds validation. A local user able to load BPF programs and invoke the bpf_arena_alloc_pages helper can supply an out-of-range node_id, leading to out-of-bounds access into per-node allocator structures with potential information disclosure, corruption, or denial of service. There is no public exploit identified at time of analysis and the EPSS exploitation probability is low (0.17%, 6th percentile).
Privilege-relevant memory corruption in the Linux kernel eBPF verifier (introduced around v6.11) lets a local user with BPF-loading capability defeat the verifier's range tracking when a register adds to itself (rX += rX), because adjust_reg_min_max_vals() mutates dst_reg in place and then reads the already-modified src_reg, recording a wrong delta that sync_linked_regs() propagates to linked registers. The result is a verifier-vs-runtime mismatch - the verifier reasons about register bounds that differ from actual execution, the classic precursor to out-of-bounds kernel memory access and local privilege escalation. CVSS is 7.8 (High); EPSS is low (0.17%, 6th percentile), there is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Local memory-corruption in the Linux kernel's drm/msm (Qualcomm Adreno GPU) driver stems from a VM_BIND UNMAP locking bug where a wrong argument left the GPU buffer objects involved in UNMAP operations unlocked. A low-privileged local user with GPU/render access on systems using the msm driver can trigger races that, per the 7.8 CVSS vector (AV:L/AC:L/PR:L), yield high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and EPSS is low at 0.17%, indicating limited near-term mass-exploitation likelihood.
Local privilege escalation / memory corruption in the Linux kernel's netfilter NAT subsystem (introduced in v5.14) arises because nf_nat_register_fn() freed nf_hook_ops structures immediately rather than deferring the release via RCU. Because the v5.14-era nfnetlink_hook feature lets userspace dump active netfilter hooks by peeking into the ops blob, a concurrent dump racing the NAT (un)register error path can access ops memory after it is freed. No public exploit has been identified at time of analysis and EPSS is low (0.17%), but the high-impact CVSS vector reflects a use-after-free class flaw in a core kernel subsystem.
Local privilege escalation and information disclosure in the Linux kernel's SysV IPC subsystem stems from an unbounded ID allocation in ipc_idr_alloc() along the checkpoint/restore (CRIU) path, where a user-supplied next_id can spill past the valid ipc_mni range. Because removal truncates the index via ipcid_to_idx(), a high-index object can be freed while its real IDR slot dangles, so a subsequent /proc/sysvipc/shm walk dereferences freed memory - a use-after-free. No public exploit identified at time of analysis; EPSS is low at 0.17% (6th percentile) and the issue is not on CISA KEV.
Improper network-namespace isolation in the Linux kernel's net/rds InfiniBand transport (RDS/IB) lets a local user operating in a non-initial network namespace trigger faulty RDS/IB behavior, because the existing code was never written to function correctly outside the initial netns. The upstream fix restricts RDS/IB to the initial network namespace entirely. NVD rates it 7.8 (local, low-privilege); EPSS is low at 0.16% (6th percentile) and there is no public exploit identified at time of analysis.
Out-of-bounds read in the Linux kernel's xfrm espintcp (ESP-in-TCP IPsec encapsulation) send path allows a local user with a socket using espintcp to corrupt the one-message-at-a-time transmit state, leading to memory disclosure or a crash. The flaw stems from espintcp_sendmsg() reinitializing emsg->skmsg and reusing ctx->partial while a previous partial send is still in flight, attaching a stale offset to a fresh sk_msg. No public exploit is identified at time of analysis and EPSS is low (0.16%, 6th percentile), reflecting a niche, configuration-dependent attack surface rather than broad exploitability.
Out-of-bounds kernel memory read in the Linux kernel ebtables 32-bit compat layer (compat_mtw_from_user) lets a local low-privileged user holding CAP_NET_ADMIN trigger KASAN-detected OOB reads by supplying an undersized match_size/target_size for an extension whose ->compat_from_user() callback assumes it can read compatsize bytes. It affects Linux from 2.6.34 through builds before the fix and is resolved upstream across all maintained stable branches; no public exploit is identified at time of analysis and EPSS is low (0.16%, 6th percentile).
Local privilege escalation via use-after-free in the Linux kernel's batman-adv (B.A.T.M.A.N. advanced) mesh networking module allows a local low-privileged user to crash or potentially gain code execution by triggering a tp_meter counter underflow during interface shutdown. Concurrent shutdown paths (timeout, user cancel, normal finish) each decrement the 'sending' atomic counter, underflowing it to -1, which traps the sender kthread in an infinite loop and produces a use-after-free when the mesh interface is removed while the zombie thread still runs. No public exploit identified at time of analysis, and EPSS is low at 0.16%; a vendor patch is available across multiple stable trees.
Use-after-free in the Linux kernel's greybus 'raw' driver (drivers/staging/greybus/raw.c) allows a local user holding an open character-device handle to trigger memory corruption when the underlying raw bundle is disconnected and the application later closes the cdev. The flaw stems from the gb_raw structure (which embeds the cdev) being freed in the disconnect callback while a userspace reference remains, causing cdev_put to operate on freed memory and a refcount underflow/panic, especially with CONFIG_INIT_ON_FREE_DEFAULT_ON=y. No public exploit identified at time of analysis, and EPSS is low (0.16%, 6th percentile), consistent with a local, niche-driver issue.
Local privilege-level denial of service in the Linux kernel's Greybus 'raw' character device driver (gb_raw) allows a user with access to the chardev to trigger a use-after-free by writing to the device after a disconnect has freed the underlying gb_connection object, causing a kernel NULL pointer dereference and panic (observed reliably with CONFIG_INIT_ON_FREE_DEFAULT_ON=y). The flaw is a race between the raw_write() path calling gb_operation_sync_timeout() and gb_connection_destroy() running during disconnect. EPSS is low (0.16%, 6th percentile) with no public exploit identified at time of analysis and no CISA KEV listing.
Local use-after-free in the Linux kernel's AF_UNIX subsystem occurs when SOCKMAP (BPF socket map) redirects skbs carrying inflight file descriptors, hiding them from the AF_UNIX garbage collector and breaking the Tarjan-based GC's assumption that unix_edge.successor stays alive — producing a slab use-after-free in unix_del_edges() plus inflight-socket leaks and incorrect fdinfo accounting. Affected are kernels supporting SOCKMAP/sk_psock redirect (roughly 5.15 through pre-fix 7.x trees); a local attacker who can set up SOCKMAP redirection and pass SCM_RIGHTS descriptors can corrupt kernel memory toward privilege escalation or denial of service. There is no public exploit identified at time of analysis, EPSS is low (0.16%, 6th percentile), and it is not in CISA KEV.
Local privilege escalation and kernel memory corruption is possible in the Linux kernel's AMD GPU driver (amdgpu) via a double drm_exec_fini() in the user-queue validation path. When amdgpu_userq_vm_validate() runs with new_addition set, a failure in amdgpu_ttm_tt_get_user_pages() routes execution to a cleanup label that finalizes the already-freed drm_exec object a second time, corrupting kernel state. No public exploit identified at time of analysis, and EPSS rates exploitation probability at only 0.16% (6th percentile), consistent with a hard-to-trigger local bug rather than a mass-exploited flaw.
Local privilege escalation potential in the Linux kernel's io_uring poll subsystem arises from a signed-comparison flaw in io_poll_get_ownership(), where atomic_read() returns a signed int and the IO_POLL_CANCEL_FLAG (BIT(31)) makes poll_refs negative, so the '>= IO_POLL_REF_BIAS' slowpath check is never taken. Affecting kernels from the 5.15/6.x stable series through pre-patch 7.x, a local user with io_uring access can drive poll-reference accounting into an incorrect state during request cancellation, with CVSS 7.8 (AV:L) rating high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and EPSS is low (0.16%, 6th percentile), but a vendor patch is available across stable branches.
Local privilege-dependent use-after-free in the Linux kernel's fs/mbcache subsystem allows a privileged user (root or CAP_SYS_ADMIN) to trigger memory corruption when unmounting an ext2, ext4, or ocfs2 filesystem. mb_cache_destroy() frees the cache without cancelling the pending c_shrink_work item, so a still-running mb_cache_shrink_worker() accesses freed memory (CWE-416), potentially leading to kernel code execution or crash. No public exploit identified at time of analysis; EPSS is low (0.16%, 5th percentile) and it is not on CISA KEV.
Memory-safety and information-disclosure risk in the Linux kernel s390 (IBM Z) eBPF JIT compiler stems from incomplete ABI compliance: the JIT sign-extended values but never zero-extended unsigned BPF program return values and kfunc arguments as the s390x calling convention requires. On s390x hosts, a local user able to load BPF programs can cause the JIT to emit code that leaves stale upper register bits, producing incorrect computation that can leak kernel data or corrupt execution. There is no public exploit identified at time of analysis, EPSS is low (0.16%), and the issue is not in CISA KEV; it is fixed in multiple stable releases.
Local privilege escalation and memory corruption in the Linux kernel BPF subsystem arises from a use-after-free in the open-coded task_vma iterator, which read task->mm locklessly and took mmap_read_trylock() without ever calling mmget(). On kernels where a concurrent task exit frees the mm_struct (not protected by SLAB_TYPESAFE_BY_RCU), a BPF program iterating that task's VMAs can access freed memory, enabling information disclosure or kernel control-flow corruption. The fix has been merged upstream; there is no public exploit identified at time of analysis, EPSS is low (0.16%, 5th percentile), and it is not listed in CISA KEV.
Local privilege escalation in the Linux kernel (6.11 through pre-patch 6.12.x/6.18.x/7.0.x) arises from a BPF verifier state-pruning flaw in regsafe() handling of BPF_ADD_CONST scalar registers, where base register IDs are not checked for mapping consistency. An attacker able to load BPF programs can construct two verifier states that falsely appear equivalent, causing state pruning to incorrectly succeed and letting an unsafe program bypass verification. With CVSS 7.8 (AV:L/PR:L) and full C/I/A impact, successful exploitation can corrupt kernel memory; there is no public exploit identified at time of analysis and EPSS is low (0.16%).
{abs,ind} instructions can take inside BTF-annotated subprograms when a packet data load fails. The verifier only validated the success path, leaving the failure path unanalyzed, which can let an unsafe BPF program pass verification. EPSS is low (0.15%, 5th percentile) and there is no public exploit identified at time of analysis, but the CVSS 7.8 (local, low-complexity) rating reflects a genuine memory-safety risk for any host where BPF program loading is reachable.
Local privilege escalation or memory disclosure is possible in the User Mode Linux (UML/'um') architecture of the Linux kernel (affected around 6.19, fixed in 7.0.10 and 7.1) due to a TLB-sync race condition where the page table is traversed and modified without holding the page table lock. Concurrent threads in the same process can corrupt page table state, with CVSS 7.8 (local, low-privilege) and a high-impact triad; there is no public exploit identified at time of analysis and EPSS is low at 0.15% (5th percentile), consistent with a hard-to-trigger local race rather than a mass-exploited flaw.
Local privilege-impacting memory corruption in the Linux kernel's Intel ice network driver allows a double-free of a transmit buffer's skb when the TX offload paths fail. When ice_tso() or ice_tx_csum() return an error, ice_xmit_frame_ring() frees the skb but leaves the 'first' tx_buf still marked ICE_TX_BUF_SKB, so a later ice_clean_tx_ring() during interface teardown frees the same skb a second time. Carries a CVSS 3.1 base of 7.8 (AV:L/PR:L), but with a low EPSS of 0.15% (5th percentile), no KEV listing, and no public exploit identified at time of analysis.
Out-of-bounds read and kernel pointer leak in the Linux kernel's eBPF sock_ops subsystem lets a local low-privileged actor able to load BPF programs disclose kernel memory and corrupt kernel state. The SOCK_OPS_GET_SK() and SOCK_OPS_GET_FIELD() macros fail to zero the destination register on the !fullsock/!locked_tcp_sock path when dst_reg == src_reg, leaving a stale ctx pointer that the verifier mistakes for a valid socket or a scalar. There is no public exploit identified at time of analysis, and EPSS exploitation probability is low (0.14%, 4th percentile).
Page allocator corruption in the Linux kernel's AMD SEV-SNP guest driver (virt/sev-guest) affects confidential-computing guests running kernels from 6.14 onward. When a guest issues an extended guest request (SVM_VMGEXIT_EXT_GUEST_REQUEST), an untrusted host can return SNP_GUEST_VMM_ERR_INVALID_LEN with a length that does not match the original allocation; the cleanup path then frees pages using a host-controlled page order, corrupting the guest's page allocator. CVSS is 7.8 (local, high C/I/A), but EPSS is just 0.11% (2nd percentile), and there is no public exploit identified at time of analysis and no CISA KEV listing.
Arbitrary code execution within the renderer sandbox affects Google Chrome on Android before 149.0.7827.197 via a use-after-free defect in the WebView component, reachable when a victim renders a crafted HTML page. The flaw lets an attacker corrupt freed memory in the rendering process to gain code execution confined to the sandbox; CVSS is 7.8 (High) and Chromium rates it High severity. There is no public exploit identified at time of analysis, and CISA SSVC marks exploitation status as none, but a vendor patch is already available.
Unauthenticated information disclosure in ATEN Unizon allows remote attackers to read arbitrary files from affected installations by abusing a path-traversal weakness in the writeFileToHttpServletResponse method. Because the underlying service runs with SYSTEM privileges, an attacker can exfiltrate sensitive files including configuration, credentials, and OS-level data. Cataloged via ZDI (ZDI-26-380 / ZDI-CAN-28505) with no public exploit identified at time of analysis; not listed in CISA KEV and no EPSS score was provided.
OS command injection in Warp (the agentic terminal/development environment) affects builds from 0.2024.03.12.08.02.stable_01 up to the fix in 0.2026.05.06.15.42.stable_01 when running under Windows Subsystem for Linux. When wslview cannot open a URL, Warp falls back to a Windows command processor (cmd.exe /c start), so a malicious URL emitted into terminal output executes attacker-controlled Windows commands once the user clicks the link. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the fix commit clearly documents the injection path.
Uncontrolled resource consumption in the AutoGPT platform (versions before 0.6.52) lets an authenticated user crash the server through the Fill Text Template block. The block's Jinja2 SandboxedEnvironment blocks dangerous attribute access but enforces no CPU, memory, or execution-time limits, so a crafted expression can exhaust server resources and hang or crash the host. There is no public exploit identified at time of analysis and the issue is not in CISA KEV, but the bug is straightforward to trigger and the vendor has shipped a fix in 0.6.52.
Detection bypass in picklescan before 0.0.29 allows malicious pickle files to evade scanning by abusing the undetected idlelib.calltip.Calltip.fetch_tip function, enabling arbitrary code execution when the file is later loaded via pickle.load(). Affects ML supply chains relying on picklescan to vet PyTorch models; publicly available exploit code exists in the GHSA advisory, but no public exploit identified in active campaigns at time of analysis.
Detection bypass in picklescan before 0.0.29 allows attackers to craft malicious pickle files using idlelib.debugobj.ObjectTreeItem.SetText in __reduce__ methods that evade the scanner's dangerous-function checks, resulting in arbitrary command execution when the victim subsequently calls pickle.load(). The flaw turns picklescan from a security control into a false-assurance tool for ML pipelines that consume untrusted PyTorch models. Publicly available exploit code exists via the GHSA advisory, though no public exploit identified in active campaigns at time of analysis.
Blind SQL injection in FunnelKit Funnel Builder for WordPress (versions up to and including 3.15.0.5) allows authenticated attackers with high privileges to inject arbitrary SQL queries against the underlying database. The flaw is reported by Patchstack and tracked as CWE-89; no public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV. The CVSS scope change combined with confidentiality impact indicates database contents beyond the plugin context can be exfiltrated one bit at a time via blind techniques.
Arbitrary JavaScript execution in AngularJS (all versions from 1.2.0-rc.3 onward) arises from a flaw in Strict Contextual Escaping (SCE) where resource-URL allowlist regular expressions are matched against URLs as partial rather than whole-string matches, letting attacker-controlled values slip past trusted-URL policies. A successful bypass runs script in the victim's browser session (script src, iframe documents, route templates), enabling client-side compromise; the framework is End-of-Life with no upstream fix, and a CodePen demonstration of the bypass is publicly available. No CISA KEV listing and no evidence of active exploitation were provided.
Cross-workspace data disclosure in Twenty CRM before 2.9.0 lets any authenticated user holding the AI settings flag (a workspace owner by default) read another tenant's AI agent chat history and trigger LLM evaluations against the victim's data on the same instance. By supplying a victim's agentId or turnId to the agentTurns query or evaluateAgentTurn mutation, an attacker retrieves raw chat text, tool calls, and tool outputs that belong to a different workspace. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.
Unauthenticated SQL injection in the ClearSale Total WordPress plugin (all versions through 3.4.2) allows remote attackers to extract sensitive database contents via the pagseguro[metodo] POST parameter of the clearsale_total_push AJAX action. The flaw is reachable without authentication because the nopriv AJAX handler ships with a commented-out die() in the nonce-failure branch, and on PHP < 8.0 loose type juggling bypasses the switch/case integer guard. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not reject Groovy AST transformation annotations carrying an extensions member, allowing attackers able to run sandboxed Groovy scripts to execute code outside the sandbox if a suitable script is present on the classpath of the component that evaluates the script.
SQL injection in the WP Forms Connector WordPress plugin (versions up to and including 1.8) allows unauthenticated remote attackers to extract sensitive database contents via the 'order' parameter of the /wp-json/wp/v3/post/list REST endpoint. The endpoint is exposed with permission_callback '__return_true' and only validates a 'Username' header against an administrator account without verifying the corresponding 'Password', making the authentication check trivially bypassable. No public exploit identified at time of analysis, but the trivial bypass and unsanitized ORDER BY concatenation make weaponization straightforward.
Information disclosure in the WP Forms Connector WordPress plugin (versions through 1.8) allows unauthenticated remote attackers to retrieve any user's password hash and email address via the wp/v3/user/list/<id> REST route. The endpoint's permission_callback is hard-coded to __return_true and the bespoke auth check verifies only that the Username header maps to an administrator (typically 'admin') without ever calling wp_check_password() to validate the supplied Password header. No public exploit identified at time of analysis, but the trivial nature of the bypass and the exposure of user_pass hashes make this a credible account-takeover vector.
Remote denial of service in curl and libcurl (versions 8.18.0 through 8.20.0) lets a malicious or compromised HTTP/3 server indefinitely stall a connecting client. The flaw lives in curl's QUIC UDP receive path, where zero-length UDP datagrams are discarded before they are counted against the per-call packet budget, so a peer that streams a continuous flood of empty datagrams keeps the receive loop spinning without ever making progress. There is no public exploit identified at time of analysis, EPSS risk is low (0.28%, 20th percentile), and impact is availability-only (no data compromise).
Denial of service in Sentry's self-hosted/SaaS event ingestion pipeline (versions 24.4.0 through 26.5.1) lets remote actors who can submit events stall worker CPU via a Regular Expression Denial of Service (ReDoS). A loosely-written hostname-detection regex in the grouping parameterization stage (parameterization.py) backtracks catastrophically on crafted attacker-controlled event fields, exhausting CPU and degrading or halting event processing. No public exploit identified at time of analysis and it is not in CISA KEV, but the fix (26.5.2) and the triggering regex are publicly disclosed in the GitHub advisory and PR #116587, lowering the bar to reproduce.
Denial of service in Mastodon affects all self-hosted instances prior to 4.5.11, 4.4.18, and 4.3.24, where the math content sanitizer fails to handle exceptions raised while processing malformed `<math>` nodes (MathML). A remote attacker can craft content containing broken math markup that propagates an uncaught exception, crashing whole-server services or disrupting service for targeted users depending on which component processes the malformed node. No public exploit has been identified at time of analysis, and the issue is not in CISA KEV; CVSS is 7.5 with availability-only impact.
SSH host-key verification bypass in curl/libcurl (versions through 8.20.0) lets a network man-in-the-middle silently impersonate an SFTP/SCP server when a user invokes curl with a schemeless URL plus '--proto-default sftp' (or scp). In this specific invocation the command-line tool layer misidentifies the scheme and skips setting CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 and CURLOPT_SSH_KNOWNHOSTS, while libcurl still honors CURLOPT_DEFAULT_PROTOCOL and completes the connection, so curl connects to an unverified host without any error. Tagged an Authentication Bypass; EPSS is low (0.21%, 11th percentile) and no public exploit was identified at time of analysis.
Denial of service in curl 8.16.0 through 8.20.0 lets a malicious WebSocket server exhaust all client memory by flooding it with rapid, sequential PING frames. Because curl auto-responds to PINGs by default and imposes no upper bound on memory buffered for unacknowledged frames, the queue of pending PONG responses grows unbounded until the process is OOM-killed. EPSS is low (0.21%, 11th percentile) and there is no public exploit identified at time of analysis, consistent with an availability-only issue affecting the subset of deployments that actually use curl's WebSocket support.
Information disclosure in libcurl (versions 8.18.0 through 8.20.0) causes the HTTP Referer header to persist on a reused easy handle even after an application explicitly clears it by passing NULL to CURLOPT_REFERER. Because the internal referrer state is not reset, a previously set referrer string is silently re-sent on later requests, potentially leaking sensitive URL data (paths, tokens, or query parameters) to unintended destination servers. There is no public exploit identified at time of analysis, EPSS risk is low (0.21%, 11th percentile), and it is not listed in CISA KEV.
Cross-site scripting (JavaScript injection) in Ghost's ActivityPub client (@tryghost/activitypub) prior to version 3.1.0 allows a malicious federated server to embed attacker-controlled script in shared posts that executes in the browser of a victim Ghost user who views the content. The flaw stems from improper sanitization of post content received over ActivityPub federation, enabling session theft or actions performed in the victim's authenticated context. There is no public exploit identified at the time of analysis, and the issue is not listed in CISA KEV.
Memory exhaustion in the Linux kernel networking stack stems from a socket buffer (SKB) leak in neigh_xmit(): when the function is called against an uninitialized neighbour table - for example NEIGH_ND_TABLE while IPv6 is disabled - it returns -EAFNOSUPPORT and bypasses its out_kfree_skb path, leaking the packet buffer because callers (originally MPLS) rely on neigh_xmit() to take ownership of the skb. Repeated triggering slowly exhausts kernel memory, leading to denial of service (CVSS 7.5, A:H). There is no public exploit identified at time of analysis, and EPSS is low (0.19%, 9th percentile); the upstream fix makes neigh_xmit() assume full ownership and free the skb on every path.
Denial of service in the Linux kernel's libceph client allows a malicious or corrupted Ceph cluster to crash the kernel via a null pointer dereference in decode_choose_args(). When processing a CEPH_MSG_OSD_MAP message, a crafted CRUSH map containing choose_args with a bucket_index that points to a NULL (unallocated) bucket triggers the crash, because the code validated only that the index stayed within max_buckets, not that the target bucket was non-NULL. There is no public exploit identified at time of analysis, EPSS exploitation probability is low (0.18%, 8th percentile), and the issue is patched upstream.
Denial of service in the Linux kernel's libceph (Ceph client) subsystem allows a malicious or compromised Ceph monitor/OSD to crash a connected client by sending a crafted CEPH_MSG_OSD_MAP whose embedded CRUSH map carries two choose_args maps sharing the same choose_args_index. The duplicate index trips an assertion in insert_choose_arg_map() during decode_choose_args(), triggering a kernel BUG and panic. CVSS is 7.5 (availability-only); there is no public exploit identified at time of analysis and EPSS is low at 0.18% (8th percentile).
Remote denial of service in the Linux kernel arises from a SOFTIRQ-safe to SOFTIRQ-unsafe lock-ordering deadlock in the fasync signaling path (fs/fcntl), where send_sigio() and send_sigurg() take read_lock(&tasklist_lock) from softirq context while traversing a process group (PIDTYPE_PGID). When this collides with a writer spinning on tasklist_lock during fork()/exit(), the CPU can deadlock and hang. The flaw is reachable remotely via TCP URG packets (send_sigurg through NET_RX_SOFTIRQ), affects multiple stable branches, and is fixed by switching the traversal to RCU. There is no public exploit identified at time of analysis and EPSS is low (0.18%).