Ubuntu

NULL pointer dereference in Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) allows an unprivileged local user to trigger a kernel oops, resulting in a denial of service. The flaw resides specifically in Ubuntu's out-of-tree SAUCE patches for AF_INET/AF_INET6 socket mediation - mainline Linux kernel builds are unaffected. No active exploitation is confirmed (not in CISA KEV), no public exploit has been identified at time of analysis, and the CVSS score of 3.3 (Low) accurately reflects the constrained impact: local access only, no confidentiality or integrity loss, and limited availability degradation.

Uninitialized variable use in Ubuntu Linux 6.8's AppArmor AF_INET/AF_INET6 socket mediation code allows an authenticated local user to cause incorrect enforcement of fine-grained network socket access controls. The flaw resides in Ubuntu-specific SAUCE patches layered on top of the mainline Linux 6.8 kernel, meaning it is not present in upstream distributions. No public exploit code or active exploitation has been identified at time of analysis; Canonical has issued a fix via the Ubuntu Noble kernel repository.

Kernel panic via NULL pointer dereference in Ubuntu Linux 6.8's AppArmor notification handler allows a locally authenticated, unprivileged user to crash the system. The flaw resides in Ubuntu-specific SAUCE patches - out-of-tree modifications maintained by Canonical - meaning the vulnerable code path does not exist in upstream mainline kernels. With a CVSS score of 5.5 and an availability-only impact, the practical consequence is a local denial-of-service: any low-privilege user with shell access can force a kernel panic. No active exploitation has been confirmed by CISA KEV and no public exploit code has been identified at time of analysis.

Kernel availability loss in Ubuntu Linux 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user via a defect in Ubuntu-specific AppArmor SAUCE patches, where notification handling code incorrectly sleeps while holding a spinlock. Violating this kernel locking invariant results in kernel panic or deadlock, causing a full system crash or hang. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, but the low-complexity, low-privilege trigger conditions make it a realistic denial-of-service risk on any multi-user Ubuntu system running the affected kernel versions.

Out-of-bounds heap read in Ubuntu Linux kernels 6.8, 6.17, and 7.0 stems from AppArmor SAUCE patches miscomputing an internal buffer size during notification handling, allowing an unprivileged local user to feed invalid data into the AppArmor DFA policy engine. The flaw carries a CVSS 7.8 (high) and currently has no public exploit identified at time of analysis, though Canonical has shipped an upstream kernel fix. Impact is limited to local attackers but high-severity given full CIA impact in the CVSS vector.

Out-of-bounds read in Ubuntu Linux kernels 6.8, 6.17, and 7.0 exposes adjacent slab allocator memory to any local low-privileged user. The flaw originates in Canonical's Ubuntu-specific AppArmor SAUCE patches, which incorrectly validate the size of an internal structure during notification handling, enabling controlled reads past the intended memory boundary. No public exploit identified at time of analysis, and exploitation is strictly local; however, C:H in the CVSS vector confirms that successful exploitation can yield high-sensitivity kernel or cross-process data from slab neighbors.

Local privilege escalation in Ubuntu Linux 6.8 kernel stems from an AppArmor SAUCE patch that omits proper locking when modifying a linked list, enabling a race condition that can be exploited by an unprivileged local user. Successful exploitation leads to a use-after-free condition with theoretical arbitrary code execution in kernel context. No public exploit identified at time of analysis, and the issue is not present on the CISA KEV list.

Incorrect caching of AppArmor notification responses in Ubuntu Linux kernel versions 6.8, 7.17, and 7.0 stems from an uninitialized variable (CWE-457) in Ubuntu-specific AppArmor SAUCE patch code. An unprivileged local user can trigger this bug to corrupt the AppArmor notification response cache, producing a low-severity integrity impact. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog; the CVSS score of 3.3 (Low) reflects its constrained local-only, limited-impact nature.

Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) improperly validate the size of the name field in AppArmor notification responses, allowing a local low-privileged user to trigger handling of crafted responses with potential limited integrity impact. The vulnerability carries a CVSS score of 3.3 (Low) with a local attack vector, restricted to integrity effects only and no confidentiality or availability consequences. No public exploit has been identified at time of analysis and this vulnerability is not listed in CISA KEV.

Ubuntu Linux kernels 6.8, 6.17, and 7.0 ship Ubuntu-specific AppArmor SAUCE patches that incorrectly call kfree() on a pointer never allocated via kmalloc(), while simultaneously leaking the legitimately allocated memory. Any unprivileged local user can trigger this kernel memory management flaw, corrupting slab allocator metadata and driving the system toward resource exhaustion or instability. No public exploit code exists and no CISA KEV listing is present at time of analysis; however, CVSS rates availability impact as High given the potential for kernel-level denial of service.

NULL pointer dereference in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 allows a local unprivileged user to crash the kernel via the AppArmor notification handling path. The flaw exists exclusively in Ubuntu-specific SAUCE patches layered on top of the upstream Linux kernel, meaning only Ubuntu kernels carrying these versions are affected - not upstream Linux or other distributions. No public exploit code or active exploitation has been identified at time of analysis; the impact is limited to a kernel oops (availability loss, CVSS A:L), with no confidentiality or integrity impact.

Memory exhaustion via AppArmor notification handling affects Ubuntu Linux kernel versions carrying Ubuntu-specific SAUCE patches (6.8, 6.17, 7.0). An unprivileged local user can trigger a memory leak by eliciting large responses to AppArmor userspace notifications, repeatedly consuming kernel memory without release. No active exploitation confirmed (not in CISA KEV) and no public exploit code identified, but the low-privilege local trigger lowers the bar for insider or co-tenant abuse in multi-user and container environments.

Authentication-context bypass in pam_usb before 0.9.0 lets a person holding an enrolled USB device authenticate over SSH while the module's deny_remote protection wrongly classifies the connection as a local terminal session. The root cause is an incomplete check of the utmpx ut_addr_v6 field that misreads IPv4-mapped IPv6 addresses (::ffff:x.x.x.x) as having no remote address, which is the normal way Debian and Ubuntu record incoming IPv4 SSH connections when sshd listens on the IPv6 wildcard. There is no public exploit identified at time of analysis and the CVE is not in CISA KEV, but the operation needed to trigger it is trivial once the operator possesses a registered token.

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aa_dfa_match (security/apparmor/match.c:535) Read of size 1 at addr ffff0008901cc000 by task snap-update-ns/2120 CPU: 5 UID: 60578 PID: 2120 Comm: snap-update-ns Not tainted 7.0.0-rc4+ #22 PREEMPTLAZY Hardware name: LENOVO 83ED/LNVNB161216, BIOS NHCN60WW 09/11/2025 Call trace: show_stack (arch/arm64/kernel/stacktrace.c:501) (C) dump_stack_lvl (lib/dump_stack.c:122) print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) kasan_report (mm/kasan/report.c:597) __asan_report_load1_noabort (mm/kasan/report_generic.c:378) aa_dfa_match (security/apparmor/match.c:535) match_mnt_path_str (security/apparmor/mount.c:244 security/apparmor/mount.c:336) match_mnt (security/apparmor/mount.c:371) aa_bind_mount (security/apparmor/mount.c:447 (discriminator 4)) apparmor_sb_mount (security/apparmor/lsm.c:719 (discriminator 1)) security_sb_mount (security/security.c:1062 (discriminator 31)) path_mount (fs/namespace.c:4101) __arm64_sys_mount (fs/namespace.c:4172 fs/namespace.c:4361 fs/namespace.c:4338 fs/namespace.c:4338) invoke_syscall.constprop.0 (arch/arm64/kernel/syscall.c:35 arch/arm64/kernel/syscall.c:49) el0_svc_common.constprop.0 (./include/linux/thread_info.h:142 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2)) do_el0_svc (arch/arm64/kernel/syscall.c:152) el0_svc (arch/arm64/kernel/entry-common.c:80 arch/arm64/kernel/entry-common.c:725) el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:744) el0t_64_sync (arch/arm64/kernel/entry.S:596) Allocated by task 2120: kasan_save_stack (mm/kasan/common.c:58) kasan_save_track (./arch/arm64/include/asm/current.h:19 mm/kasan/common.c:70 mm/kasan/common.c:79) kasan_save_alloc_info (mm/kasan/generic.c:571) __kasan_kmalloc (mm/kasan/common.c:419) __kmalloc_noprof (./include/linux/kasan.h:263 mm/slub.c:5260 mm/slub.c:5272) aa_get_buffer (security/apparmor/lsm.c:2201) aa_bind_mount (security/apparmor/mount.c:442) apparmor_sb_mount (security/apparmor/lsm.c:719 (discriminator 1)) security_sb_mount (security/security.c:1062 (discriminator 31)) path_mount (fs/namespace.c:4101) __arm64_sys_mount (fs/namespace.c:4172 fs/namespace.c:4361 fs/namespace.c:4338 fs/namespace.c:4338) invoke_syscall.constprop.0 (arch/arm64/kernel/syscall.c:35 arch/arm64/kernel/syscall.c:49) el0_svc_common.constprop.0 (./include/linux/thread_info.h:142 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2)) do_el0_svc (arch/arm64/kernel/syscall.c:152) el0_svc (arch/arm64/kernel/entry-common.c:80 arch/arm64/kernel/entry-common.c:725) el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:744) el0t_64_sync (arch/arm64/kernel/entry.S:596) The buggy address belongs to the object at ffff0008901ca000 which belongs to the cache kmalloc-rnd-06-8k of size 8192 The buggy address is located 0 bytes to the right of allocated 8192-byte region [ffff0008901ca000, ffff0008901cc000) The buggy address belongs to the physical page: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x9101c8 head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:-1 pincount:0 flags: 0x8000000000000040(head|zone=2) page_type: f5(slab) raw: 8000000000000040 ffff000800016c40 fffffdffe2d14e10 ffff000800015c70 raw: 0000000000000000 0000000800010001 00000000f5000000 0000000000000000 head: 8000000000000040 ffff000800016c40 fffffdffe2d14e10 ffff000800015c70 head: 0000000000000000 0000000800010001 00000000f5000000 0000000000000000 head: 8000000000000003 fffffdffe2407201 fffffdffffffffff 00000000ffffffff head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff0008901cbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff0008 ---truncated---

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix invalid deref of rawdata when export_binary is unset If the export_binary parameter is disabled on runtime, profiles that were loaded before that will still have their rawdata stored in apparmorfs, with a symbolic link to the rawdata on the policy directory. When one of those profiles are replaced, the rawdata is set to NULL, but when trying to resolve the symbolic links to rawdata for that profile, it will try to dereference profile->rawdata->name when profile->rawdata is now NULL causing an oops. Fix it by checking if rawdata is set. [ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088 [ 168.657420] #PF: supervisor read access in kernel mode [ 168.660619] #PF: error_code(0x0000) - not-present page [ 168.663613] PGD 0 P4D 0 [ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI [ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary) [ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330 [ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 <48> 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8 [ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282 [ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158 [ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80 [ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000 [ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80 [ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0 [ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000 [ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0 [ 168.701696] Call Trace: [ 168.702325] <TASK> [ 168.702995] rawdata_get_link_data+0x1c/0x30 [ 168.704145] vfs_readlink+0xd4/0x160 [ 168.705152] do_readlinkat+0x114/0x180 [ 168.706214] __x64_sys_readlink+0x1e/0x30 [ 168.708653] x64_sys_call+0x1d77/0x26b0 [ 168.709525] do_syscall_64+0x81/0x500 [ 168.710348] ? do_statx+0x72/0xb0 [ 168.711109] ? putname+0x3e/0x80 [ 168.711845] ? __x64_sys_statx+0xb7/0x100 [ 168.712711] ? x64_sys_call+0x10fc/0x26b0 [ 168.713577] ? do_syscall_64+0xbf/0x500 [ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0 [ 168.715404] ? irqentry_exit+0xb2/0x740 [ 168.716359] ? exc_page_fault+0x90/0x1b0 [ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removing work_list The commit e1168f0 ("RDMA/iwcm: Simplify cm_event_handler()") changed the work submission logic to unconditionally call queue_work() with the expectation that queue_work() would have no effect if work was already pending. The problem is that a free list of struct iwcm_work is used (for which struct work_struct is embedded), so each call to queue_work() is basically unique and therefore does indeed queue the work. This causes a problem in the work handler which walks the work_list until it's empty to process entries. This means that a single run of the work handler could process item N+1 and release it back to the free list while the actual workqueue entry is still queued. It could then get reused (INIT_WORK...) and lead to list corruption in the workqueue logic. Fix this by just removing the work_list. The workqueue already does this for us. This fixes the following error that was observed when stress testing with ucmatose on an Intel E830 in iWARP mode: [ 151.465780] list_del corruption. next->prev should be ffff9f0915c69c08, but was ffff9f0a1116be08. (next=ffff9f0a15b11c08) [ 151.466639] ------------[ cut here ]------------ [ 151.466986] kernel BUG at lib/list_debug.c:67! [ 151.467349] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 151.467753] CPU: 14 UID: 0 PID: 2306 Comm: kworker/u64:18 Not tainted 6.19.0-rc4+ #1 PREEMPT(voluntary) [ 151.468466] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 151.469192] Workqueue: 0x0 (iw_cm_wq) [ 151.469478] RIP: 0010:__list_del_entry_valid_or_report+0xf0/0x100 [ 151.469942] Code: c7 58 5f 4c b2 e8 10 50 aa ff 0f 0b 48 89 ef e8 36 57 cb ff 48 8b 55 08 48 89 e9 48 89 de 48 c7 c7 a8 5f 4c b2 e8 f0 4f aa ff <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 [ 151.471323] RSP: 0000:ffffb15644e7bd68 EFLAGS: 00010046 [ 151.471712] RAX: 000000000000006d RBX: ffff9f0915c69c08 RCX: 0000000000000027 [ 151.472243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff9f0a37d9c600 [ 151.472768] RBP: ffff9f0a15b11c08 R08: 0000000000000000 R09: c0000000ffff7fff [ 151.473294] R10: 0000000000000001 R11: ffffb15644e7bba8 R12: ffff9f092339ee68 [ 151.473817] R13: ffff9f0900059c28 R14: ffff9f092339ee78 R15: 0000000000000000 [ 151.474344] FS: 0000000000000000(0000) GS:ffff9f0a847b5000(0000) knlGS:0000000000000000 [ 151.474934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.475362] CR2: 0000559e233a9088 CR3: 000000020296b004 CR4: 0000000000770ef0 [ 151.475895] PKRU: 55555554 [ 151.476118] Call Trace: [ 151.476331] <TASK> [ 151.476497] move_linked_works+0x49/0xa0 [ 151.476792] __pwq_activate_work.isra.46+0x2f/0xa0 [ 151.477151] pwq_dec_nr_in_flight+0x1e0/0x2f0 [ 151.477479] process_scheduled_works+0x1c8/0x410 [ 151.477823] worker_thread+0x125/0x260 [ 151.478108] ? __pfx_worker_thread+0x10/0x10 [ 151.478430] kthread+0xfe/0x240 [ 151.478671] ? __pfx_kthread+0x10/0x10 [ 151.478955] ? __pfx_kthread+0x10/0x10 [ 151.479240] ret_from_fork+0x208/0x270 [ 151.479523] ? __pfx_kthread+0x10/0x10 [ 151.479806] ret_from_fork_asm+0x1a/0x30 [ 151.480103] </TASK>

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID array via ovs_vport_get_upcall_portids(). Since ovs_vport_set_upcall_portids() accepts any non-zero multiple of sizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID array large enough to overflow the reply buffer, causing nla_put() to fail with -EMSGSIZE and hitting BUG_ON(err < 0). On systems with unprivileged user namespaces enabled (e.g., Ubuntu default), this is reachable via unshare -Urn since OVS vport mutation operations use GENL_UNS_ADMIN_PERM. kernel BUG at net/openvswitch/datapath.c:2414! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1 RIP: 0010:ovs_vport_cmd_set+0x34c/0x400 Call Trace: <TASK> genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116) genl_rcv_msg (net/netlink/genetlink.c:1194) netlink_rcv_skb (net/netlink/af_netlink.c:2550) genl_rcv (net/netlink/genetlink.c:1219) netlink_unicast (net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sys_sendto (net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) </TASK> Kernel panic - not syncing: Fatal exception Reject attempts to set more PIDs than nr_cpu_ids in ovs_vport_set_upcall_portids(), and pre-compute the worst-case reply size in ovs_vport_cmd_msg_size() based on that bound, similar to the existing ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already used by the per-CPU dispatch configuration on the datapath side (ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the two sides stay consistent.

VM escape in Kata Containers allows any Kubernetes user with pod-creation rights to break out of the VM sandbox and gain full read/write access to the host filesystem. All Kata Containers installations prior to commit ffa59ce3aa78 are affected when using the default configuration.toml, which enables the `virtio_fs_extra_args` and `kernel_params` pod annotations out of the box. An attacker crafts a pod with two annotations: one to redirect virtiofsd to serve the host root filesystem (`/`) into the guest VM, and a second to enable the agent debug console - after which the entire host filesystem is accessible from inside the supposedly isolated VM. A fully working proof-of-concept with confirmed output against Kata Containers 3.28.0 on Ubuntu 24.04 has been publicly disclosed; no public exploit confirmed as actively exploited (CISA KEV) at time of analysis.

Cookie-attribute injection in js-cookie versions 3.0.5 and earlier allows remote attackers to override security-relevant Set-Cookie attributes (domain, secure, samesite, expires, path) by supplying a JSON-derived attributes object containing a __proto__ key. Publicly available exploit code exists in the GHSA-qjx8-664m-686j advisory demonstrating per-instance prototype hijack via the assign() helper. No active exploitation has been observed, and the issue is fixed in 3.0.7.

Horizontal privilege escalation in Open WebUI versions through 0.3.15 allows any authenticated user to enumerate, read, and delete all files uploaded by all other users via missing authorization checks in the files API endpoints. The vulnerability requires only low-privilege authenticated access to the web interface and has publicly available exploit code with a detailed proof-of-concept demonstrating how attackers can list all uploaded files regardless of owner, retrieve file contents, and delete arbitrary user files. Organizations running multi-user Open WebUI deployments face immediate risk of data breach and integrity loss, as file upload features in conversational AI platforms commonly handle sensitive documents and internal communications.

Command injection in @apostrophecms/cli apos create command allows arbitrary command execution when a user supplies specially crafted input during the interactive password prompt. The vulnerability exists in lib/commands/create.js line 186, where user-supplied password input is passed directly into a shell exec() call without sanitization or escaping, enabling attackers to inject shell metacharacters (;, &&, $()) to execute arbitrary commands with the privileges of the user running the CLI. Exploitation requires user interaction (UI:R) and high privilege context (PR:H), but publicly available proof-of-concept demonstrates successful arbitrary code execution on Ubuntu systems with Node.js.

{ "name": "chess-sec-utils1", "version": "1.0.6", "main": "index.js", "type": "module", "browser": { "./d1.txt": "../../../../../../../../etc/hostname", "./d2.json": "../../../../../../../../etc/os-release", "./d3.json": "../../../../../../../../etc/environment" } }

{i}".encode() msg = ( b'Content-Type: multipart/mixed; boundary="' + b + b'"\r\n\r\n' b'--' + b + b'\r\nContent-Type: message/rfc822\r\n\r\n' ) + msg + b'\r\n--' + b + b'--\r\n' return msg ep = eml_parser.EmlParser() ep.decode_email_bytes(build_poc()) ``` Note that the suggested code does not produce an RFC compliant message. Resulting EML payload size: 12,369 bytes. SHA-256 of generated PoC: `00f15f635e21b4144967c2893b37425e6a6bd7b4185c557e5c7e904e1e6d18e8` The crash is deterministic on a stock install. No network, no special headers, no large attachments. Denial of service of any pipeline that processes attacker-supplied EML files using `eml_parser`. A single 12 KB email is enough to crash a worker. If the worker is a long-running process triaging multiple emails, the unhandled exception aborts processing of the whole batch unless the caller wraps the call in a broad `try/except`. Even then, attacker-supplied volume can keep workers in a perpetual restart loop. The vulnerability is exploitable pre-authentication in any deployment that ingests emails from external senders which have not been subject to any kind of basic validation. Considering that email messages pass through a mail-server which does some kind of validation, messages as produced by the *build_poc* function would not reach eml_parser. Nonetheless recursion depth checks have been implemented to handle the described issue. Sebastián Alba Vives (`@Sebasteuo`) Independent security researcher, Senior AppSec Consultant LinkedIn: https://www.linkedin.com/in/sebastian-alba Email: sebasjosue84@gmail.com PGP: `0D1A E4C2 CFC8 894F 19EA DA24 45CD CA33 2CF8 31F4`

Denial of service in Linux kernel drm/amdgpu driver (VCNv2.5) affects virtual function (VF) GPU environments running kernel versions prior to 6.18.16, 6.19.6, and 7.0. During module unload or system deinitialization, VF configurations trigger a kernel warning and potential crash when attempting to release an uninitialized VCN poison interrupt handler. EPSS exploitation probability is very low (0.02%, 4th percentile) with no public exploit or active exploitation (not in CISA KEV). Vendor patches available across multiple stable kernel branches via upstream commits.

Authentication bypass in free5GC Policy Control Function (PCF) allows unauthenticated network attackers to access Session Management policy control APIs and exfiltrate subscriber identities (SUPI). The Npcf_SMPolicyControl service group omits RouterAuthorizationCheck middleware, permitting OAuth-less access to four policy management endpoints that should require service-to-service authentication. Publicly available exploit code exists. CVSS 8.2 reflects direct network access with no authentication barrier, high confidentiality impact from SUPI disclosure, and low integrity impact from unauthorized policy manipulation. No EPSS or KEV data available, but PoC in vendor advisory demonstrates trivial exploitation against default SBI deployments.

Denial of service via kernel warning in MPTCP path manager occurs when combining endpoint removal with fullmesh and flag-setting operations through netlink in the Linux kernel. A local attacker with low privileges can trigger a WARNING in net/mptcp/pm_kernel.c:1074 by sending a crafted sequence of netlink commands, causing the system to emit a kernel warning and potentially become unstable. No known public exploit code exists, but the low CVSS (5.5) and minimal EPSS (0.03%) indicate this is a local DoS with limited real-world impact.

Kernel denial of service via crafted btrfs metadata allowing local attackers to trigger an unguarded BUG_ON() condition during relocation recovery at mount time. The vulnerability arises when a root item on disk contains a non-zero drop_progress with zero drop_level, an invalid state that should not exist but lacks validation on read. CVSS 5.5 reflects local attack vector and availability impact; EPSS 0.02% indicates minimal real-world exploitation likelihood.

In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in __mmap_region() commit 605f6586ecf7 ("mm/vma: do not leak memory when .mmap_prepare swaps the file") handled the success path by skipping get_file() via file_doesnt_need_get, but missed the error path. When /dev/zero is mmap'd with MAP_SHARED, mmap_zero_prepare() calls shmem_zero_setup_desc() which allocates a new shmem file to back the mapping. If __mmap_new_vma() subsequently fails, this replacement file is never fput()'d - the original is released by ksys_mmap_pgoff(), but nobody releases the new one. Add fput() for the swapped file in the error path. Reproducible with fault injection. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 1 CPU: 2 UID: 0 PID: 366 Comm: syz.7.14 Not tainted 7.0.0-rc6 #2 PREEMPT(full) Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x164/0x1f0 should_fail_ex+0x525/0x650 should_failslab+0xdf/0x140 kmem_cache_alloc_noprof+0x78/0x630 vm_area_alloc+0x24/0x160 __mmap_region+0xf6b/0x2660 mmap_region+0x2eb/0x3a0 do_mmap+0xc79/0x1240 vm_mmap_pgoff+0x252/0x4c0 ksys_mmap_pgoff+0xf8/0x120 __x64_sys_mmap+0x12a/0x190 do_syscall_64+0xa9/0x580 entry_SYSCALL_64_after_hwframe+0x76/0x7e </TASK> kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff8881118aca80 (size 360): comm "syz.7.14", pid 366, jiffies 4294913255 hex dump (first 32 bytes): 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N.......... ff ff ff ff ff ff ff ff c0 28 4d ae ff ff ff ff .........(M..... backtrace (crc db0f53bc): kmem_cache_alloc_noprof+0x3ab/0x630 alloc_empty_file+0x5a/0x1e0 alloc_file_pseudo+0x135/0x220 __shmem_file_setup+0x274/0x420 shmem_zero_setup_desc+0x9c/0x170 mmap_zero_prepare+0x123/0x140 __mmap_region+0xdda/0x2660 mmap_region+0x2eb/0x3a0 do_mmap+0xc79/0x1240 vm_mmap_pgoff+0x252/0x4c0 ksys_mmap_pgoff+0xf8/0x120 __x64_sys_mmap+0x12a/0x190 do_syscall_64+0xa9/0x580 entry_SYSCALL_64_after_hwframe+0x76/0x7e Found by syzkaller.

Remote code execution via unauthenticated command injection in rclone's remote control API allows network attackers to execute arbitrary commands on the host system through a single HTTP request. The vulnerability affects rclone deployments with the RC API enabled (--rc or rclone rcd) that are network-accessible and lack global HTTP authentication. An attacker exploits the unprotected operations/fsinfo endpoint by crafting a WebDAV backend definition with a malicious bearer_token_command parameter, which executes during backend initialization. Confirmed exploitable on master branch (commit bf55d5e6) and release v1.73.4 with public proof-of-concept available. CVSS 9.2 reflects critical severity with network attack vector and no authentication required, though exploitation requires specific deployment configuration (AT:P). No CISA KEV listing or EPSS data available at time of analysis.

Authentication bypass in rclone's remote control (RC) API allows network attackers to disable authorization checks via unauthenticated configuration mutation, enabling full administrative access to RC endpoints. The `options/set` endpoint lacks authentication requirements and permits setting `rc.NoAuth=true`, which disables protection for all RC methods marked `AuthRequired: true`. Affects rclone v1.45 onward when RC is network-accessible without HTTP authentication. No CISA KEV listing or public exploit code identified at time of analysis, though GitHub security advisory provides detailed proof-of-concept reproduction steps. CVSS 9.2 reflects critical severity with network vector and no authentication required, though CVSS:4.0 AT:P (Attack Requirements: Present) indicates specific deployment prerequisites limit automatic exploitation.

Path traversal vulnerability in Poetry's tar extraction function allows arbitrary file writes when processing untrusted source distributions on Python 3.10.0-3.10.12 and 3.11.0-3.11.4, where the tarfile.data_filter safety mechanism is absent or broken. The vulnerability is triggered during dependency resolution (poetry add --lock) or installation before the build backend executes, enabling attackers to write files outside the intended extraction directory via crafted tar member paths, symlinks, or hardlinks in malicious sdists.

{dict} I will ask question, and you will output the Python code using pandas dataframe to answer my question. Do not provide any explanations. Do not respond with anything except the output of the code. Security: Output ONLY pandas/numpy operations on the dataframe (df). Do not use import, exec, eval, open, os, subprocess, or any other system or file operations. The code will be validated and rejected if it contains such constructs. Question: {question} Output Code: ``` Where `{dict}` is the extracted column names and `{question}` is the initial prompt provided by the user. This system prompt is sent to an LLM in order for it to generate a Python script based on the user's prompt, and the LLM-generated response is stored in a variable named `pythonCode`. The method then evaluates the `pythonCode` variable in a pyodide environment. While the LLM-generated Python script is evaluated in a non-sandboxed environment, there is a list of forbidden patterns that are checked before the script is executed on the server. The function `validatePythonCodeForDataFrame()` enumerates through a list named `FORBIDDEN_PATTERNS`, which contains pairs of regex patterns and reasons. Each regex pattern is run against the Python script, and if the pattern is found in the script, the script is invalidated and is not run, responding to the request with a reason for rejection. The input validation can be bypassed, which can still lead to running arbitrary OS commands on the server. An example of this is the pattern `/\bimport\s+(?!pandas|numpy\b)/g`, which intends to search for lines of code that import a module other than pandas or numpy. This can be bypassed by importing along with pandas or numpy. For example, consider the following lines of code: ```python import pandas as np, os as pandas pandas.system("xcalc") ``` Here, pandas is imported, but so is the `os` module, with `pandas` as its alias. OS commands can then be invoked with `pandas.system()`. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using the CSV Agent node may convince an LLM to respond with a malicious Python script that executes attacker-controlled commands on the Flowise server. It is also possible for an authenticated attacker to exploit this vulnerability by specifying an attacker-controlled server in a chatflow. This server would respond to prompts with an attacker-controlled Python script instead of an LLM-generated response, which would then be evaluated on the server. ```ts import type { PyodideInterface } from 'pyodide' import * as path from 'path' import { getUserHome } from '../../../src/utils' let pyodideInstance: PyodideInterface | undefined export async function LoadPyodide(): Promise<PyodideInterface> { if (pyodideInstance === undefined) { const { loadPyodide } = await import('pyodide') const obj: any = { packageCacheDir: path.join(getUserHome(), '.flowise', 'pyodideCacheDir') } pyodideInstance = await loadPyodide(obj) await pyodideInstance.loadPackage(['pandas', 'numpy']) } return pyodideInstance } export const systemPrompt = `You are working with a pandas dataframe in Python. The name of the dataframe is df. The columns and data types of a dataframe are given below as a Python`*

Canonical Livepatch snap client prior to 10.15.0 allows local unprivileged users to obtain a root-level authentication token via an unauthenticated request to the livepatchd.sock Unix domain socket, enabling attackers to impersonate the victim and access Livepatch services on systems with an active Ubuntu Pro subscription.

Stack-based buffer overflow in editorconfig-core-c library (versions ≤0.12.10) enables local attackers to crash applications or potentially execute arbitrary code via maliciously crafted .editorconfig files and directory structures. This incomplete fix for CVE-2023-0341 left the l_pattern[8194] stack buffer unprotected while only addressing the pcre_str buffer in version 0.12.6. Patched in version 0.12.11. No active exploitation confirmed (not in CISA KEV), but publicly exploitable with local access and minimal complexity (CVSS AV:L/AC:L/PR:N).

Ubuntu Subiquity 24.04.4 leaks sensitive user credentials in crash report logs submitted to Launchpad during installation failures, potentially exposing plaintext Wi-Fi passwords and other credentials to unauthorized third parties. The vulnerability affects multiple Ubuntu versions (24.04.4, 25.04, and 25.10) and requires user interaction (submission of a crash report) but carries low real-world exploitation risk due to a CVSS score of 2.7 and absence of active exploitation signals. No public exploit code is known; vendor-released patches are available.

ubuntu-desktop-provision version 24.04.4 leaks user password hashes in crash report logs submitted to Launchpad during installation failures. An unauthenticated remote attacker can obtain sensitive credentials if a user opts to report the installation failure, requiring user interaction to trigger the vulnerability but resulting in direct exposure of authentication material. Patch available from Canonical via GitHub pull requests; EPSS and KEV status not actively exploited at time of analysis.

Command injection in BentoML's cloud deployment path allows remote code execution on BentoCloud build infrastructure via malicious bentofile.yaml configurations. While commit ce53491 fixed command injection in local Dockerfile generation by adding shlex.quote protection, the cloud deployment code path (deployment.py:1648) remained vulnerable, directly interpolating system_packages into shell commands without sanitization. Attackers can inject shell metacharacters through bentofile.yaml to execut

Use-after-free in Linux kernel ksmbd SMB server allows local or remote attackers to read freed memory and potentially achieve denial of service or code execution via compound SMB2 requests that reuse a tree connection after it has been disconnected and its associated share_conf structure freed. The vulnerability exists because smb2_get_ksmbd_tcon() bypasses state validation checks when reusing connections in compound requests, enabling subsequent commands to dereference already-freed share_conf pointers. No CVE severity metrics are available, but KASAN confirms memory corruption is triggered in smb2_write operations during tree disconnect sequences.

Use-after-free in Linux kernel's ksmbd SMB server allows remote attackers to crash the kernel or potentially execute code via malicious SMB2 DURABLE_REQ_V2 replay operations. The vulnerability occurs when parse_durable_handle_context() unconditionally reassigns file handle connection pointers during replay operations, causing stale pointer dereferences when the reassigned connection is subsequently freed. A KASAN report confirms the use-after-free in spin_lock operations during file descriptor closure, triggered during SMB2 connection handling in the ksmbd-io workqueue. No public exploit code or active exploitation has been confirmed at time of analysis.

Command injection in nektos/act (GitHub Actions local runner) allows attackers to execute arbitrary code by embedding deprecated workflow commands in untrusted input. Act versions prior to 0.2.86 unconditionally process ::set-env:: and ::add-path:: commands that GitHub Actions disabled in 2020, enabling PATH hijacking and environment variable injection when workflows echo PR titles, branch names, or commit messages. Publicly available exploit code exists with working proof-of-concept demonstrating NODE_OPTIONS and LD_PRELOAD injection vectors. This creates a critical supply chain risk where workflows safe on GitHub Actions become exploitable when developers test them locally with act.

Squid proxy versions prior to 7.5 contain use-after-free and premature resource release vulnerabilities in ICP (Internet Cache Protocol) traffic handling that enable reliable, repeatable denial of service attacks. Remote attackers can exploit these memory safety bugs to crash the Squid service by sending specially crafted ICP packets, affecting deployments that have explicitly enabled ICP support via non-zero icp_port configuration. While no CVSS score or EPSS value is currently published, the vulnerability is confirmed by vendor advisory and includes a public patch commit, indicating moderate to high real-world risk for affected deployments.

A logic error in the Linux kernel's MPTCP (MultiPath TCP) path management subsystem fails to properly track endpoint usage state when an endpoint is configured with both 'signal' and 'subflow' flags and subsequently removed. This causes a kernel warning and potential state inconsistency in the MPTCP connection management code. The vulnerability affects Linux kernel versions and is triggered through netlink socket manipulation by unprivileged users, potentially leading to denial of service or unexpected kernel behavior.

Denial of service in Kea DHCP daemons (versions 2.6.0-2.6.4 and 3.0.0-3.0.2) allows unauthenticated remote attackers to crash affected services by sending maliciously crafted messages to API sockets or HA listeners, triggering a stack overflow. Vulnerable Kea installations across Ubuntu, Red Hat, SUSE, and Debian are susceptible to service interruption attacks with no authentication required. A patch is available for affected distributions.

A NULL pointer dereference vulnerability exists in the Linux kernel's TEQL (Trivial Ethernet Queue Limiting) network scheduler when transmitting through tunnel slave devices, particularly gretap tunnels. The vulnerability occurs because teql_master_xmit() fails to update skb->dev to the slave device before transmission, causing tunnel xmit functions to reference unallocated per-CPU statistics on the TEQL master device. This allows a local or networked attacker to trigger a kernel page fault and crash the system, resulting in a denial of service. No CVSS score, EPSS risk score, or KEV active exploitation status is currently published, but patch commits are available in Linux kernel stable branches (6.18.19, 6.19.9, and 7.0-rc4).

A stack overflow vulnerability exists in the Linux kernel's tunnel transmission functions (iptunnel_xmit and ip6tunnel_xmit) due to missing recursion limits when GRE tap interfaces operate as slaves in bonded devices with broadcast mode enabled. This allows local attackers or legitimate multicast/broadcast traffic to trigger infinite recursion between bond_xmit_broadcast() and tunnel transmission functions, causing kernel stack exhaustion and denial of service. The vulnerability affects multiple Linux kernel versions and has been resolved with the addition of IP_TUNNEL_RECURSION_LIMIT (4) to prevent excessive stack consumption during nested tunnel packet encapsulation.

Heap corruption in Google Chrome's ANGLE graphics library prior to version 146.0.7680.153 can be triggered remotely through a malicious HTML page, potentially enabling arbitrary code execution on affected systems. The vulnerability stems from an integer overflow condition that requires only user interaction with a crafted webpage, affecting Chrome users across Windows, macOS, and Linux platforms. A patch is available and security professionals should prioritize updating to the latest Chrome version to mitigate this high-severity risk.

Heap buffer overflow in Google Chrome's WebRTC component (versions prior to 146.0.7680.153) enables remote code execution when users visit a malicious webpage, requiring only user interaction to trigger the vulnerability. An attacker can exploit this heap corruption to execute arbitrary code with the privileges of the affected browser process. A patch is available for Chrome and affected Linux distributions including Ubuntu and Debian.

An out of bounds read vulnerability exists in the Blink rendering engine of Google Chrome prior to version 146.0.7680.153, allowing remote attackers to read memory outside intended buffer boundaries via a specially crafted HTML page. This vulnerability (CWE-125) has been classified as High severity by the Chromium security team and enables information disclosure attacks without requiring user interaction beyond visiting a malicious webpage. A vendor patch is available, and the vulnerability affects 9 Debian releases, indicating widespread downstream impact across Linux distributions.

Heap corruption in Google Chrome's V8 engine prior to version 146.0.7680.153 enables remote code execution when users visit malicious websites, affecting Chrome, Ubuntu, and Debian systems. An unauthenticated attacker can craft a specially designed HTML page to trigger memory corruption and achieve complete system compromise without user interaction beyond visiting the page. A patch is available for immediate deployment.

Memory disclosure in Google Chrome's Skia rendering engine prior to version 146.0.7680.153 enables unauthenticated attackers to read out-of-bounds memory contents by tricking users into visiting malicious web pages. Affected users across Chrome, Ubuntu, and Debian distributions face potential information leakage including sensitive data from process memory. A patch is available for immediate deployment.

Heap corruption in Google Chrome's WebAudio component (versions prior to 146.0.7680.153) can be triggered through out-of-bounds memory access when processing malicious HTML pages, enabling remote attackers to achieve arbitrary code execution without user interaction beyond viewing the page. The vulnerability affects Chrome, Ubuntu, and Debian systems, with patches now available across all platforms.

Heap memory corruption in Google Chrome prior to version 146.0.7680.153 can be triggered through malicious browser extensions, affecting Chrome users on Google, Ubuntu, and Debian systems. An attacker must convince a user to install a compromised extension to exploit this use-after-free vulnerability and potentially achieve code execution. A patch is available.

Heap memory corruption in Google Chrome's V8 engine (versions prior to 146.0.7680.153) stems from type confusion vulnerabilities that can be triggered through malicious HTML pages without user privileges. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution or crash the browser. The vulnerability affects Chrome, Ubuntu, and Debian systems, with patches now available.

A use-after-free vulnerability in Google Chrome's Digital Credentials API prior to version 146.0.7680.153 enables attackers with a compromised renderer process to escape the sandbox and potentially achieve code execution through a specially crafted HTML page. The vulnerability affects Chrome on multiple platforms including Ubuntu and Debian systems, requiring user interaction to trigger but presenting high impact across confidentiality, integrity, and availability. A patch is available in Chrome 146.0.7680.153 and later versions.

Heap buffer overflow in PDFium within Google Chrome versions prior to 146.0.7680.153 enables remote attackers to corrupt heap memory and potentially achieve code execution by delivering a malicious PDF file. The vulnerability requires user interaction to open the crafted PDF but no authentication or special privileges. Patches are available for affected Google Chrome, Ubuntu, and Debian systems.

Heap memory corruption in Google Chrome versions prior to 146.0.7680.153 can be triggered through a use-after-free vulnerability in the Network component when a user visits a malicious HTML page. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution with high integrity and confidentiality impact. A patch is available for Chrome, Ubuntu, and Debian users.

Cross-origin data leakage in Google Chrome's Dawn component on macOS versions prior to 146.0.7680.153 results from an integer overflow vulnerability that can be triggered through a malicious HTML page. An unauthenticated attacker can exploit this to access sensitive information from other origins without user interaction beyond viewing the crafted page. Patches are available for Chrome, Ubuntu, and Debian.

Heap corruption in Google Chrome's ANGLE graphics library on Windows versions prior to 146.0.7680.153 can be triggered through integer overflow when processing maliciously crafted HTML pages. An unauthenticated remote attacker can exploit this vulnerability by deceiving users into visiting a malicious website, potentially achieving arbitrary code execution. A patch is available across affected platforms including Google Chrome, Microsoft Edge, and various Linux distributions.

A renderer process sandbox escape vulnerability exists in Google Chrome prior to version 146.0.7680.153 due to insufficient input validation in the Navigation component. An attacker who has already compromised the renderer process can exploit this via a crafted HTML page to escape the sandbox and gain elevated privileges on the host system. A patch is available from Google, and the vulnerability is tracked in the EUVD database with High severity classification.

Heap corruption in Google Chrome's V8 engine prior to version 146.0.7680.153 can be triggered through out-of-bounds memory writes when a user visits a malicious webpage. An unauthenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with high integrity and confidentiality impact. A security patch is available for affected users on Chrome, Ubuntu, and Debian systems.

Heap memory corruption in Google Chrome's Blink rendering engine prior to version 146.0.7680.153 can be triggered through a malicious HTML page, potentially enabling remote code execution. An unauthenticated attacker requires only user interaction to exploit this use-after-free vulnerability across network boundaries. A patch is available for affected Chrome, Ubuntu, and Debian users.

Heap buffer overflow in Google Chrome's ANGLE graphics library (versions prior to 146.0.7680.153) enables remote attackers to corrupt heap memory and potentially achieve arbitrary code execution through malicious HTML pages requiring only user interaction. The vulnerability affects Chrome on multiple platforms including Ubuntu and Debian systems. A patch is available and should be applied immediately given the high severity and attack accessibility.

A sandbox escape vulnerability exists in Google Chrome's V8 JavaScript engine prior to version 146.0.7680.153, allowing remote attackers to execute arbitrary code within the Chrome sandbox through a crafted HTML page. This is a High severity issue affecting millions of Chrome users across Windows, macOS, and Linux platforms. The vulnerability is triggered via web-based attack vector (HTML page delivery) and does not require user interaction beyond visiting a malicious website.

Heap corruption via use-after-free in Google Chrome's WebRTC implementation (versions prior to 146.0.7680.153) enables remote attackers to achieve arbitrary code execution through malicious HTML pages, requiring only user interaction. The vulnerability affects Chrome, Ubuntu, and Debian systems with a CVSS score of 8.8, though a patch is available.

Heap memory corruption in Google Chrome's WebRTC implementation prior to version 146.0.7680.153 enables remote attackers to execute arbitrary code by tricking users into visiting malicious websites. The use-after-free vulnerability requires only user interaction and affects Chrome on multiple platforms including Ubuntu and Debian systems. A patch is available to address this high-severity flaw.

Stack buffer overflow in Google Chrome's WebRTC implementation prior to version 146.0.7680.153 enables remote attackers to corrupt stack memory and achieve code execution through maliciously crafted HTML pages. The vulnerability affects Chrome, and potentially downstream products including Chromium-based browsers, requiring only user interaction and no authentication. A patch is available across affected platforms including Ubuntu and Debian.

Sandboxed arbitrary code execution in Google Chrome's WebAudio component (versions prior to 146.0.7680.153) can be triggered remotely through malicious HTML, requiring only user interaction. An attacker can craft a weaponized webpage to break out of the Chrome sandbox and execute arbitrary code on affected systems. This high-severity vulnerability impacts Chrome, Ubuntu, and Debian users, with patches now available.

Google Chrome versions prior to 146.0.7680.153 contain a heap buffer overflow in CSS parsing that enables remote code execution when users visit malicious HTML pages. An unauthenticated attacker can trigger heap memory corruption through a crafted webpage, potentially achieving arbitrary code execution with user privileges. A patch is available and should be applied immediately to all affected systems.

Heap corruption in Google Chrome versions before 146.0.7680.153 results from a use-after-free vulnerability in the Base component, enabling remote attackers to execute arbitrary code through malicious HTML pages. The attack requires user interaction but no authentication, affecting Chrome on multiple platforms including Linux distributions. A patch is available to remediate this critical-severity vulnerability.

This is a critical out-of-bounds read and write vulnerability in the WebGL implementation of Google Chrome prior to version 146.0.7680.153. The vulnerability allows a remote attacker to perform arbitrary memory read and write operations by crafting a malicious HTML page, potentially leading to information disclosure, code execution, or complete system compromise. The vulnerability affects multiple Debian releases and has been assigned ENISA EUVD ID EUVD-2026-13447; a vendor patch is available.

Out-of-bounds memory corruption in Google Chrome's WebGL implementation on Android prior to version 146.0.7680.153 enables remote attackers to escape the browser sandbox by delivering a malicious HTML page, requiring only user interaction. This critical vulnerability affects Chrome users on Android devices and could lead to complete system compromise if successfully exploited. A patch is available in Chrome 146.0.7680.153 and later versions.

An authenticated SQL injection vulnerability exists in Kanboard project management software prior to version 1.2.51. Authenticated attackers with permission to add users to a project can exploit this vulnerability to dump the entire Kanboard database, potentially exposing sensitive project data, user credentials, and application secrets. The vulnerability is confirmed under active tracking by Debian (2 releases) and Ubuntu (medium priority), with a GitHub Security Advisory published.

Kanboard project management software contains a privilege escalation vulnerability in its user invite registration endpoint that allows invited users to inject the 'role=app-admin' parameter during account creation, granting themselves administrator privileges. This affects all Kanboard versions prior to 1.2.51. The vulnerability has documented proof-of-concept exploitation capability (CVSS E:P indicates PoC exists) and carries a CVSS 4.0 score of 7.0 with high integrity impact to both the vulnerable system and subsequent components.

Local privilege escalation in snapd on multiple Ubuntu versions allows authenticated local attackers to obtain root access by exploiting a race condition between snap's temporary directory creation and systemd-tmpfiles cleanup operations. An attacker with local access can manipulate the /tmp directory to escalate privileges when snapd attempts to recreate its private snap directories. This vulnerability affects Ubuntu 16.04 LTS through 24.04 LTS with no patch currently available.

A security vulnerability in A flaw (CVSS 3.9). Remediation should follow standard vulnerability management procedures.

A flaw was found in libsoup, a library used by applications to send network requests.

A security vulnerability in A flaw (CVSS 3.9). Remediation should follow standard vulnerability management procedures.

Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as if OOB SKBs held two references; on Ubuntu Linux 6.8 (Noble Numbat) kernel tree, they have only the queue reference, so the buffer is freed while still reachable and subsequent queue walks dereference freed memory, yielding a reliable local privile...

BigBlueButton versions 3.0.21 and below allow remote denial of service when ClamAV is configured following official documentation, as the exposed clamd ports (3310, 7357) can be targeted by attackers to send malicious documents that exhaust server resources or crash the scanning service. This vulnerability affects Ubuntu and Docker deployments since standard firewall rules do not restrict container traffic, and public exploit code exists. An unauthenticated remote attacker requires only network access to trigger the denial of service condition.

Local denial of service in Linux kernel vsock virtio transport allows a local attacker with unprivileged user privileges to exhaust host memory by advertising a large peer buffer size and reading data slowly, forcing the kernel to queue excessive sk_buff allocations. The vulnerability affects both guest-to-host and host-to-guest communication paths due to shared code between virtio transports. No patch is currently available.

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM Otherwise accessing them can cause a crash.

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices Previously, APU platforms (and other scenarios with uninitialized VRAM managers) triggered a NULL pointer dereference in `ttm_resource_manager_usage()`. The root cause is not that the `struct ttm_resource_manager *man` pointer itself is NULL, but that `man->bdev` (the backing device pointer within the manager) remains uninitialized (NULL) on APUs-since APUs lack dedicated VRAM and do not fully set up VRAM manager structures. When `ttm_resource_manager_usage()` attempts to acquire `man->bdev->lru_lock`, it dereferences the NULL `man->bdev`, leading to a kernel OOPS. 1. **amdgpu_cs.c**: Extend the existing bandwidth control check in `amdgpu_cs_get_threshold_for_moves()` to include a check for `ttm_resource_manager_used()`. If the manager is not used (uninitialized `bdev`), return 0 for migration thresholds immediately-skipping VRAM-specific logic that would trigger the NULL dereference. 2. **amdgpu_kms.c**: Update the `AMDGPU_INFO_VRAM_USAGE` ioctl and memory info reporting to use a conditional: if the manager is used, return the real VRAM usage; otherwise, return 0. This avoids accessing `man->bdev` when it is NULL. 3. **amdgpu_virt.c**: Modify the vf2pf (virtual function to physical function) data write path. Use `ttm_resource_manager_used()` to check validity: if the manager is usable, calculate `fb_usage` from VRAM usage; otherwise, set `fb_usage` to 0 (APUs have no discrete framebuffer to report). This approach is more robust than APU-specific checks because it: - Works for all scenarios where the VRAM manager is uninitialized (not just APUs), - Aligns with TTM's design by using its native helper function, - Preserves correct behavior for discrete GPUs (which have fully initialized `man->bdev` and pass the `ttm_resource_manager_used()` check). v4: use ttm_resource_manager_used(&adev->mman.vram_mgr.manager) instead of checking the adev->gmc.is_app_apu flag (Christian)

In the Linux kernel, the following vulnerability has been resolved: exfat: fix improper check of dentry.stream.valid_size We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service (DoS) condition. When a dentry in an exFAT filesystem is malformed, the following system calls - SYS_openat, SYS_ftruncate, and SYS_pwrite64 - can cause the kernel to hang. Root cause analysis shows that the size validation code in exfat_find() does not check whether dentry.stream.valid_size is negative. As a result, the system calls mentioned above can succeed and eventually trigger the DoS issue. This patch adds a check for negative dentry.stream.valid_size to prevent this vulnerability.

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible memory leak in smb2_read() Memory leak occurs when ksmbd_vfs_read() fails. Fix this by adding the missing kvfree().

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup() Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put().

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: cancel mesh send timer when hdev removed mesh_send_done timer is not canceled when hdev is removed, which causes crash if the timer triggers after hdev is gone. Cancel the timer when MGMT removes the hdev, like other MGMT timers. Should fix the BUG: sporadically seen by BlueZ test bot (in "Mesh - Send cancel - 1" test). Log: ------ BUG: KASAN: slab-use-after-free in run_timer_softirq+0x76b/0x7d0 ... Freed by task 36: kasan_save_stack+0x24/0x50 kasan_save_track+0x14/0x30 __kasan_save_free_info+0x3a/0x60 __kasan_slab_free+0x43/0x70 kfree+0x103/0x500 device_release+0x9a/0x210 kobject_put+0x100/0x1e0 vhci_release+0x18b/0x240 ------

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF There is a KASAN: slab-use-after-free read in btusb_disconnect(). Calling "usb_driver_release_interface(&btusb_driver, data->intf)" will free the btusb data associated with the interface. The same data is then used later in the function, hence the UAF. Fix by moving the accesses to btusb data to before the data is free'd.

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has header_ops, so it must set link-local header for RX skb, otherwise things crash, eg. with AF_PACKET SOCK_RAW Add missing skb_reset_mac_header() for uncompressed ipv6 RX path. For the compressed one, it is done in lowpan_header_decompress(). Log: (BlueZ 6lowpan-tester Client Recv Raw - Success) ------ kernel BUG at net/core/skbuff.c:212! Call Trace: <IRQ> ... packet_rcv (net/packet/af_packet.c:2152) ... <TASK> __local_bh_enable_ip (kernel/softirq.c:407) netif_rx (net/core/dev.c:5648) chan_recv_cb (net/bluetooth/6lowpan.c:294 net/bluetooth/6lowpan.c:359) ------

In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto syzbot reported a possible shift-out-of-bounds [1] Blamed commit added rto_alpha_max and rto_beta_max set to 1000. It is unclear if some sctp users are setting very large rto_alpha and/or rto_beta. In order to prevent user regression, perform the test at run time. Also add READ_ONCE() annotations as sysctl values can change under us. [1] UBSAN: shift-out-of-bounds in net/sctp/transport.c:509:41 shift exponent 64 is too large for 32-bit type 'unsigned int' CPU: 0 UID: 0 PID: 16704 Comm: syz.2.2320 Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120 ubsan_epilogue lib/ubsan.c:233 [inline] __ubsan_handle_shift_out_of_bounds+0x27f/0x420 lib/ubsan.c:494 sctp_transport_update_rto.cold+0x1c/0x34b net/sctp/transport.c:509 sctp_check_transmitted+0x11c4/0x1c30 net/sctp/outqueue.c:1502 sctp_outq_sack+0x4ef/0x1b20 net/sctp/outqueue.c:1338 sctp_cmd_process_sack net/sctp/sm_sideeffect.c:840 [inline] sctp_cmd_interpreter net/sctp/sm_sideeffect.c:1372 [inline]

{RT,(full)} Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 Workqueue: events tipc_net_finalize_work Call Trace: <TASK> dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0xca/0x240 mm/kasan/report.c:482 kasan_report+0x118/0x150 mm/kasan/report.c:595 __kasan_check_byte+0x2a/0x40 mm/kasan/common.c:568 kasan_check_byte include/linux/kasan.h:399 [inline] lock_acquire+0x8d/0x360 kernel/locking/lockdep.c:5842 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0xa7/0xf0 kernel/locking/spinlock.c:162 rtlock_slowlock kernel/locking/rtmutex.c:1894 [inline] rwbase_rtmutex_lock_state kernel/locking/spinlock_rt.c:160 [inline] rwbase_write_lock+0xd3/0x7e0 kernel/locking/rwbase_rt.c:244 rt_write_lock+0x76/0x110 kernel/locking/spinlock_rt.c:243 write_lock_bh include/linux/rwlock_rt.h:99 [inline] tipc_mon_reinit_self+0x79/0x430 net/tipc/monitor.c:718 tipc_net_finalize+0x115/0x190 net/tipc/net.c:140 process_one_work kernel/workqueue.c:3236 [inline] process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3319 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400 kthread+0x70e/0x8a0 kernel/kthread.c:463 ret_from_fork+0x439/0x7d0 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK> Allocated by task 6089: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3e/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:388 [inline] __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:405 kasan_kmalloc include/linux/kasan.h:260 [inline] __kmalloc_cache_noprof+0x1a8/0x320 mm/slub.c:4407 kmalloc_noprof include/linux/slab.h:905 [inline] kzalloc_noprof include/linux/slab.h:1039 [inline] tipc_mon_create+0xc3/0x4d0 net/tipc/monitor.c:657 tipc_enable_bearer net/tipc/bearer.c:357 [inline] __tipc_nl_bearer_enable+0xe16/0x13f0 net/tipc/bearer.c:1047 __tipc_nl_compat_doit net/tipc/netlink_compat.c:371 [inline] tipc_nl_compat_doit+0x3bc/0x5f0 net/tipc/netlink_compat.c:393 tipc_nl_compat_handle net/tipc/netlink_compat.c:-1 [inline] tipc_nl_compat_recv+0x83c/0xbe0 net/tipc/netlink_compat.c:1321 genl_family_rcv_msg_doit+0x215/0x300 net/netlink/genetlink.c:1115 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0x60e/0x790 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline] netlink_unicast+0x846/0xa10 net/netlink/af_netlink.c:1346 netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1896 sock_sendmsg_nosec net/socket.c:714 [inline] __sock_sendmsg+0x21c/0x270 net/socket.c:729 ____sys_sendmsg+0x508/0x820 net/socket.c:2614 ___sys_sendmsg+0x21f/0x2a0 net/socket.c:2668 __sys_sendmsg net/socket.c:2700 [inline] __do_sys_sendmsg net/socket.c:2705 [inline] __se_sys_sendmsg net/socket.c:2703 [inline] __x64_sys_sendmsg+0x1a1/0x260 net/socket.c:2703 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xfa/0x3b0 arch/ ---truncated---