Monthly
Remote denial-of-service vulnerability in Nimiq full nodes allows unauthenticated attackers to crash nodes by publishing malformed Kademlia DHT records with incorrect Ed25519 signature lengths. The vulnerability triggers a panic in the Ed25519 signature verification code when processing DHT records with signatures not exactly 64 bytes. Vendor-released patch: v1.4.0.
Arbitrary code execution and denial of service in AMD Platform Management Framework (PMF) affects Ryzen 7035, 7040, 8040 mobile processors and Ryzen Embedded 8000 series. A local authenticated attacker exploiting an unchecked return value vulnerability can write to arbitrary memory locations, potentially escalating privileges from low to high integrity across system boundaries. The CVSS 4.0 score of 7.1 reflects local attack vector with low complexity but requires specific attack timing conditions (AT:P), though the cross-scope impact (S:H) and high confidentiality/integrity impact to subsequent systems elevate real-world risk for enterprise environments with AMD mobile processors.
Local attackers with low-privilege credentials can exploit unchecked return value handling in AMD Platform Management Framework (PMF) to read or write arbitrary memory addresses across multiple AMD Ryzen processor families (6000, 7000, 8000 series). This CWE-252 flaw enables privilege escalation to kernel level, compromising system confidentiality and availability with high impact across both virtualized and physical contexts. AMD has released security bulletin AMD-SB-4015 addressing the vulnerability. No CISA KEV listing or public exploit code has been identified at time of analysis, but the low attack complexity (AC:L) and local privilege requirement (PR:L) suggest exploitation is technically straightforward for attackers with initial system access.
F5 BIG-IP Advanced WAF and Application Security Manager (ASM) suffer from a denial-of-service vulnerability when processing specially crafted requests against virtual servers with active security policies. Undisclosed malformed requests cause the bd process to terminate, disrupting service availability. Remote unauthenticated attackers can exploit this with low complexity (CVSS:3.1 AV:N/AC:L/PR:N/UI:N) achieving high availability impact (CVSS 7.5). EPSS data not provided, no active exploitation confirmed via CISA KEV at time of analysis. Vendor patch available per F5 advisory K000160727.
Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Denial of service in nimiq-primitives (Nimiq blockchain core library) allows remote unauthenticated attackers to crash nodes via malformed peer-to-peer messages. Attackers announce election macro blocks containing invalid compressed BLS voting keys, triggering an unwrap() panic during header hash validation. Affects all versions prior to 1.3.0. CVSS 7.5 (High) with network attack vector and no complexity. No public exploit identified at time of analysis, but attack is trivial to execute given the network-accessible attack surface and lack of authentication requirements.
Silent data corruption in uutils coreutils dd utility results from unconditionally suppressing truncation errors on regular files and directories, allowing backup and migration scripts to report successful operations while destination files contain old or corrupted data when disk space is exhausted or file systems are read-only.
Denial of service in Nimiq Core RS Albatross prior to version 1.3.0 allows remote attackers to crash full nodes by sending specially crafted consensus requests (RequestTransactionsProof or RequestTransactionReceiptsByAddress) when the node is operating without a history index. The vulnerability stems from unsafe unwrap() calls that panic when encountering a valid but unindexed state, affecting nodes during synchronization or when intentionally configured without history indexing.
The Linux kernel contains a memory allocation failure vulnerability in the ASoC SDCA (Serial Data Center Audio) subsystem where the find_sdca_entity_iot() function allocates memory for an Entity name but fails to validate whether the allocation succeeded. An attacker with local access could trigger memory allocation failure conditions to cause an information disclosure or denial of service, depending on how the unvalidated null pointer is subsequently used. No CVSS score, EPSS data, or KEV status is currently available for this vulnerability.
Sigstore-ruby versions before 0.2.3 fail to properly validate artifact digests when verifying DSSE bundles with in-toto attestations, causing the library to incorrectly return successful verification even when the artifact does not match the attested subject. This allows attackers to bypass cryptographic verification controls and accept mismatched or tampered artifacts as valid. Organizations using sigstore-ruby for supply chain verification should upgrade to version 0.2.3 immediately, though no patch is currently available for other affected projects.
Remote denial-of-service vulnerability in Nimiq full nodes allows unauthenticated attackers to crash nodes by publishing malformed Kademlia DHT records with incorrect Ed25519 signature lengths. The vulnerability triggers a panic in the Ed25519 signature verification code when processing DHT records with signatures not exactly 64 bytes. Vendor-released patch: v1.4.0.
Arbitrary code execution and denial of service in AMD Platform Management Framework (PMF) affects Ryzen 7035, 7040, 8040 mobile processors and Ryzen Embedded 8000 series. A local authenticated attacker exploiting an unchecked return value vulnerability can write to arbitrary memory locations, potentially escalating privileges from low to high integrity across system boundaries. The CVSS 4.0 score of 7.1 reflects local attack vector with low complexity but requires specific attack timing conditions (AT:P), though the cross-scope impact (S:H) and high confidentiality/integrity impact to subsequent systems elevate real-world risk for enterprise environments with AMD mobile processors.
Local attackers with low-privilege credentials can exploit unchecked return value handling in AMD Platform Management Framework (PMF) to read or write arbitrary memory addresses across multiple AMD Ryzen processor families (6000, 7000, 8000 series). This CWE-252 flaw enables privilege escalation to kernel level, compromising system confidentiality and availability with high impact across both virtualized and physical contexts. AMD has released security bulletin AMD-SB-4015 addressing the vulnerability. No CISA KEV listing or public exploit code has been identified at time of analysis, but the low attack complexity (AC:L) and local privilege requirement (PR:L) suggest exploitation is technically straightforward for attackers with initial system access.
F5 BIG-IP Advanced WAF and Application Security Manager (ASM) suffer from a denial-of-service vulnerability when processing specially crafted requests against virtual servers with active security policies. Undisclosed malformed requests cause the bd process to terminate, disrupting service availability. Remote unauthenticated attackers can exploit this with low complexity (CVSS:3.1 AV:N/AC:L/PR:N/UI:N) achieving high availability impact (CVSS 7.5). EPSS data not provided, no active exploitation confirmed via CISA KEV at time of analysis. Vendor patch available per F5 advisory K000160727.
Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Denial of service in nimiq-primitives (Nimiq blockchain core library) allows remote unauthenticated attackers to crash nodes via malformed peer-to-peer messages. Attackers announce election macro blocks containing invalid compressed BLS voting keys, triggering an unwrap() panic during header hash validation. Affects all versions prior to 1.3.0. CVSS 7.5 (High) with network attack vector and no complexity. No public exploit identified at time of analysis, but attack is trivial to execute given the network-accessible attack surface and lack of authentication requirements.
Silent data corruption in uutils coreutils dd utility results from unconditionally suppressing truncation errors on regular files and directories, allowing backup and migration scripts to report successful operations while destination files contain old or corrupted data when disk space is exhausted or file systems are read-only.
Denial of service in Nimiq Core RS Albatross prior to version 1.3.0 allows remote attackers to crash full nodes by sending specially crafted consensus requests (RequestTransactionsProof or RequestTransactionReceiptsByAddress) when the node is operating without a history index. The vulnerability stems from unsafe unwrap() calls that panic when encountering a valid but unindexed state, affecting nodes during synchronization or when intentionally configured without history indexing.
The Linux kernel contains a memory allocation failure vulnerability in the ASoC SDCA (Serial Data Center Audio) subsystem where the find_sdca_entity_iot() function allocates memory for an Entity name but fails to validate whether the allocation succeeded. An attacker with local access could trigger memory allocation failure conditions to cause an information disclosure or denial of service, depending on how the unvalidated null pointer is subsequently used. No CVSS score, EPSS data, or KEV status is currently available for this vulnerability.
Sigstore-ruby versions before 0.2.3 fail to properly validate artifact digests when verifying DSSE bundles with in-toto attestations, causing the library to incorrectly return successful verification even when the artifact does not match the attested subject. This allows attackers to bypass cryptographic verification controls and accept mismatched or tampered artifacts as valid. Organizations using sigstore-ruby for supply chain verification should upgrade to version 0.2.3 immediately, though no patch is currently available for other affected projects.