Silent event loss in Inspektor Gadget prior to 0.50.1 allows local attackers to cause denial of service by filling the 256KB ring-buffer, which triggers undetected data drops without alerting users or administrators. When the buffer becomes full, gadgets silently discard events and fail to report the loss count, potentially hiding critical system events from Kubernetes cluster and Linux host monitoring. A local attacker with limited privileges can exploit this to obscure malicious activity or system anomalies by saturating the instrumentation buffer.
A security vulnerability exists in scan.rs in spytrap-adb (CVSS 2.7). Remediation should follow standard vulnerability management procedures.
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable with low attack complexity. No vendor patch is available.