280Articles
5Categories
2025-12-07Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 272[−]
7 DecCVE-2025-39762 drm/amd/display: add null checkInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-39789 crypto: x86/aegis - Add missing error checksInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-39748 bpf: Forget ranges when refining tnum after JSETInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38705 drm/amd/pm: fix null pointer accessInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38722 habanalabs: fix UAF in export_dmabuf()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38717 net: kcm: Fix race condition in kcm_unattach()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2024-26756 md: Don't register sync_thread for reshape directlyInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2023-52586 drm/msm/dpu: Add mutex lock in control vblank irqInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37907 accel/ivpu: Fix locking order in ivpu_job_submitInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37834 mm/vmscan: don't try to reclaim hwpoison folioInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37870 drm/amd/display: prevent hang on link training failInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37920 xsk: Fix race condition in AF_XDP generic RX pathInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37877 iommu: Clear iommu-dma ops on cleanupInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37807 bpf: Fix kmemleak warning for percpu hashmapInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37747 perf: Fix hang while freeing sigtrap eventInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-37750 smb: client: fix UAF in decryption with multichannelInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-35794 dm-raid: really frozen sync_thread during suspendInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-56775 drm/amd/display: Fix handling of plane refcountInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-57875 block: RCU protect disk->conv_zones_bitmapInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-41932 sched: fix warning in sched_setaffinityInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-57809 PCI: imx6: Fix suspend/resume support on i.MX6QDLInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-57857 RDMA/siw: Remove direct link to net_deviceInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-53090 afs: Fix lock recursionInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-50177 drm/amd/display: fix a UBSAN warning in DML2.1Information published.MSRC.MICROSOFT.COM
7 DecCVE-2024-50277 dm: fix a crash if blk_alloc_disk failsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-21696 mm: clear uffd-wp PTE/PMD state on mremap()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2024-42107 ice: Don't process extts if PTP is disabledInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-42065 drm/xe: Add a NULL check in xe_ttm_stolen_mgr_initInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-41045 bpf: Defer work in bpf_timer_cancel_and_freeInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-41008 drm/amdgpu: change vm->task_info handlingInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-42134 virtio-pci: Check if is_avq is NULLInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-39478 crypto: starfive - Do not free stack bufferInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-41067 btrfs: scrub: handle RST lookup error correctlyInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-42081 drm/xe/xe_devcoredump: Check NULL before assignmentsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38333 f2fs: fix to bail out in get_new_segment()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38234 sched/rt: Fix race in push_rt_taskInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38426 drm/amdgpu: Add basic validation for RAS headerInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38264 nvme-tcp: sanitize request list handlingInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38272 net: dsa: b53: do not enable EEE on bcm63xxInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38311 iavf: get rid of the crit lockInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-43826 nfs: pass explicit offset/count to trace eventsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-43872 RDMA/hns: Fix soft lockup under heavy CEQE loadInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if neededInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-22125 md/raid1,raid10: don't ignore IO flagsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-22108 bnxt_en: Mask the bd_cnt field in the TX BD properlyInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-22070 fs/9p: fix NULL pointer dereference on mkdirInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-21961 eth: bnxt: fix truesize for mb-xdp-pass caseInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-22105 bonding: check xdp prog when set bond modeInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-21985 drm/amd/display: Fix out-of-bound accessesInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-22109 ax25: Remove broken autobindInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-39981 Bluetooth: MGMT: Fix possible UAFsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40083 net/sched: sch_qfq: Fix null-deref in agg_dequeueInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-39901 i40e: remove read access to debugfs filesInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-39940 dm-stripe: fix a possible integer overflowInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40103 smb: client: Fix refcount leak for cifs_sb_tlinkInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40105 vfs: Don't leak disconnected dentries on umountInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-44951 serial: sc16is7xx: fix TX fifo corruptionInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-46754 bpf: Remove tst_run from lwt_seg6local_prog_ops.Information published.MSRC.MICROSOFT.COM
7 DecCVE-2024-38608 net/mlx5e: Fix netif state handlingInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-49888 bpf: Fix a sdiv overflow issueInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-49940 l2tp: prevent possible tunnel refcount underflowInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-49932 btrfs: don't readahead the relocation inode on RSTInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-49885 mm, slub: avoid zeroing kmalloc redzoneInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-46870 drm/amd/display: Disable DMCUB timeout for DCN35Information published.MSRC.MICROSOFT.COM
7 DecCVE-2024-49921 drm/amd/display: Check null pointers before usedInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38636 rv: Use strings in da monitors tracepointsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38591 bpf: Reject narrower access to pointer ctx fieldsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38584 padata: Fix pd UAF once and for allInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2023-52485 drm/amd/display: Wake DMCUB before sending a commandInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-56647 net: Fix icmp host relookup triggering ip_rt_bugInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2024-56591 Bluetooth: hci_conn: Use disable_delayed_work_syncInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38011 drm/amdgpu: csa unmap use uninterruptible lockInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-38073 block: fix race between set_blocksize and read pathsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QPInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-21888 RDMA/mlx5: Fix a WARN during dereg_mr for DM typeInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40111 drm/vmwgfx: Fix Use-after-free in validationInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40135 ipv6: use RCU in ip6_xmit()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40173 net/ip6_tunnel: Prevent perpetual tunnel growthInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40158 ipv6: use RCU in ip6_output()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40179 ext4: verify orphan file size is not too bigInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40195 mount: handle NULL values in mnt_ns_release()Information published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40178 pid: Add a judgment for ns null in pid_nr_nsInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40197 media: mc: Clear minor number before put deviceInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40204 sctp: Fix MAC comparison to be constant-timeInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-40202 ipmi: Rework user message limit handlingInformation published.MSRC.MICROSOFT.COM
7 DecCVE-2025-12748 Libvirt: denial of service in xml parsingInformation published.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 1[−]
🔥 INCIDENT REPORTING 2[−]
7 DecInside Shanya, a packer-as-a-service fueling modern attacksThe ransomware scene gains another would-be EDR killerSOPHOS.COM
7 DecCISO's Top AI Threat: RansomwareJessica Hoffman and Sandy Dunn delve into the challenges faced by CISOs in defending against AI adversaries. Sandy highlights the persistent threat of ransomware and the emerging concerns around LLM-enabled malware, as demonstrated at DEFCON. Discover how a simple power cable can…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 3[−]
7 DecTalk: AI Coding & Cybersecurity — Why AI coding tools aren’t ready for production yet | Michele Magrisubmitted by boredsquirrel to cybersecurity 2 points | 0 comments https://www.youtube.com/watch?v=w5izvNoA3wISH.ITJUST.WORKS
7 DecHow bad is this?submitted by PriorityMotif to cybersecurity 4 points | 1 comments On a job application site for my local government it reveals if a specific social security has been used or not on that site. The site is very outdated.SH.ITJUST.WORKS
7 DecDon’t use ‘admin’: UK’s top 20 most-used passwords revealed as scams soarsubmitted by cyrano to cybersecurity 2 points | 0 comments https://www.theguardian.com/money/2025/dec/07/uk-top-20-most-used-passwords-scams-cybersecurity cross-posted from: sh.itjust.works/post/51134999 It is a hacker’s dream. Even in the face of repeated warnings to protect onl…SH.ITJUST.WORKS
📡 INFOSEC NEWS 2[−]
7 DecPortugal updates cybercrime law to exempt security researchersPortugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions. [...]BLEEPINGCOMPUTER.COM
7 DecOpenAI denies rolling out ads on ChatGPT paid plansChatGPT is allegedly showing ads to those who pay $20 for the Plus subscription, but OpenAI says this is an app recommendation feature, not an ad. [...]BLEEPINGCOMPUTER.COM