{"vulnerability": "CVE-2025-2165", "sightings": [{"uuid": "7c791d3f-291b-449d-a816-2a77e5d7b8e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "c4f06bd1-5e65-4df8-b785-d88b0cc4a266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21650", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2317", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21650\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue\n\nThe TQP BAR space is divided into two segments. TQPs 0-1023 and TQPs\n1024-1279 are in different BAR space addresses. However,\nhclge_fetch_pf_reg does not distinguish the tqp space information when\nreading the tqp space information. When the number of TQPs is greater\nthan 1024, access bar space overwriting occurs.\nThe problem of different segments has been considered during the\ninitialization of tqp.io_base. Therefore, tqp.io_base is directly used\nwhen the queue is read in hclge_fetch_pf_reg.\n\nThe error message:\n\nUnable to handle kernel paging request at virtual address ffff800037200000\npc : hclge_fetch_pf_reg+0x138/0x250 [hclge]\nlr : hclge_get_regs+0x84/0x1d0 [hclge]\nCall trace:\n hclge_fetch_pf_reg+0x138/0x250 [hclge]\n hclge_get_regs+0x84/0x1d0 [hclge]\n hns3_get_regs+0x2c/0x50 [hns3]\n ethtool_get_regs+0xf4/0x270\n dev_ethtool+0x674/0x8a0\n dev_ioctl+0x270/0x36c\n sock_do_ioctl+0x110/0x2a0\n sock_ioctl+0x2ac/0x530\n __arm64_sys_ioctl+0xa8/0x100\n invoke_syscall+0x4c/0x124\n el0_svc_common.constprop.0+0x140/0x15c\n do_el0_svc+0x30/0xd0\n el0_svc+0x1c/0x2c\n el0_sync_handler+0xb0/0xb4\n el0_sync+0x168/0x180\n\ud83d\udccf Published: 2025-01-19T10:18:07.976Z\n\ud83d\udccf Modified: 2025-01-19T10:18:07.976Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/0575baa733fc4219f230aef22d5bc35d922f1e9a\n2. https://git.kernel.org/stable/c/7997ddd46c54408bcba5e37fe18b4d832e45d4d4", "creation_timestamp": "2025-01-19T10:58:19.000000Z"}, {"uuid": "dfa6014a-3e92-4962-b183-c1066bf89389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2316", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21651\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: don't auto enable misc vector\n\nCurrently, there is a time window between misc irq enabled\nand service task inited. If an interrupte is reported at\nthis time, it will cause warning like below:\n\n[   16.324639] Call trace:\n[   16.324641]  __queue_delayed_work+0xb8/0xe0\n[   16.324643]  mod_delayed_work_on+0x78/0xd0\n[   16.324655]  hclge_errhand_task_schedule+0x58/0x90 [hclge]\n[   16.324662]  hclge_misc_irq_handle+0x168/0x240 [hclge]\n[   16.324666]  __handle_irq_event_percpu+0x64/0x1e0\n[   16.324667]  handle_irq_event+0x80/0x170\n[   16.324670]  handle_fasteoi_edge_irq+0x110/0x2bc\n[   16.324671]  __handle_domain_irq+0x84/0xfc\n[   16.324673]  gic_handle_irq+0x88/0x2c0\n[   16.324674]  el1_irq+0xb8/0x140\n[   16.324677]  arch_cpu_idle+0x18/0x40\n[   16.324679]  default_idle_call+0x5c/0x1bc\n[   16.324682]  cpuidle_idle_call+0x18c/0x1c4\n[   16.324684]  do_idle+0x174/0x17c\n[   16.324685]  cpu_startup_entry+0x30/0x6c\n[   16.324687]  secondary_start_kernel+0x1a4/0x280\n[   16.324688] ---[ end trace 6aa0bff672a964aa ]---\n\nSo don't auto enable misc vector when request irq..\n\ud83d\udccf Published: 2025-01-19T10:18:08.802Z\n\ud83d\udccf Modified: 2025-01-19T10:18:08.802Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/bcf430d3bb5525fc89a92a0c451c725ba1aa4306\n2. https://git.kernel.org/stable/c/98b1e3b27734139c76295754b6c317aa4df6d32e", "creation_timestamp": "2025-01-19T10:58:19.000000Z"}, {"uuid": "0687ffec-eb21-45bd-bf7d-8dfacdb6b979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21654", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2315", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21654\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\novl: support encoding fid from inode with no alias\n\nDmitry Safonov reported that a WARN_ON() assertion can be trigered by\nuserspace when calling inotify_show_fdinfo() for an overlayfs watched\ninode, whose dentry aliases were discarded with drop_caches.\n\nThe WARN_ON() assertion in inotify_show_fdinfo() was removed, because\nit is possible for encoding file handle to fail for other reason, but\nthe impact of failing to encode an overlayfs file handle goes beyond\nthis assertion.\n\nAs shown in the LTP test case mentioned in the link below, failure to\nencode an overlayfs file handle from a non-aliased inode also leads to\nfailure to report an fid with FAN_DELETE_SELF fanotify events.\n\nAs Dmitry notes in his analyzis of the problem, ovl_encode_fh() fails\nif it cannot find an alias for the inode, but this failure can be fixed.\novl_encode_fh() seldom uses the alias and in the case of non-decodable\nfile handles, as is often the case with fanotify fid info,\novl_encode_fh() never needs to use the alias to encode a file handle.\n\nDefer finding an alias until it is actually needed so ovl_encode_fh()\nwill not fail in the common case of FAN_DELETE_SELF fanotify events.\n\ud83d\udccf Published: 2025-01-19T10:18:11.104Z\n\ud83d\udccf Modified: 2025-01-19T10:18:11.104Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/a1a541fbfa7e97c1100144db34b57553d7164ce5\n2. https://git.kernel.org/stable/c/3c7c90274ae339e1ad443c9be1c67a20b80b9c76\n3. https://git.kernel.org/stable/c/c45beebfde34aa71afbc48b2c54cdda623515037", "creation_timestamp": "2025-01-19T10:58:17.000000Z"}, {"uuid": "bea14bd1-826c-4e5f-837b-711a4799068b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2165", "type": "seen", "source": "https://t.me/cvedetector/21146", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2165 - WordPress SH Email Alert Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-2165 \nPublished : March 26, 2025, 3:15 a.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : The SH Email Alert plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mid' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T05:31:42.000000Z"}, {"uuid": "067748ac-f995-49eb-a2fc-cb22d87ff317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "seen", "source": "https://t.me/cvedetector/15828", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21651 - Huawei NetEngine HNS3 IRiving Responsible Disclosure Typeedium\", \n  \"Content\": \"CVE ID : CVE-2025-21651 \nPublished : Jan. 19, 2025, 11:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: hns3: don't auto enable misc vector  \n  \nCurrently, there is a time window between misc irq enabled  \nand service task inited. If an interrupte is reported at  \nthis time, it will cause warning like below:  \n  \n[   16.324639] Call trace:  \n[   16.324641]  __queue_delayed_work+0xb8/0xe0  \n[   16.324643]  mod_delayed_work_on+0x78/0xd0  \n[   16.324655]  hclge_errhand_task_schedule+0x58/0x90 [hclge]  \n[   16.324662]  hclge_misc_irq_handle+0x168/0x240 [hclge]  \n[   16.324666]  __handle_irq_event_percpu+0x64/0x1e0  \n[   16.324667]  handle_irq_event+0x80/0x170  \n[   16.324670]  handle_fasteoi_edge_irq+0x110/0x2bc  \n[   16.324671]  __handle_domain_irq+0x84/0xfc  \n[   16.324673]  gic_handle_irq+0x88/0x2c0  \n[   16.324674]  el1_irq+0xb8/0x140  \n[   16.324677]  arch_cpu_idle+0x18/0x40  \n[   16.324679]  default_idle_call+0x5c/0x1bc  \n[   16.324682]  cpuidle_idle_call+0x18c/0x1c4  \n[   16.324684]  do_idle+0x174/0x17c  \n[   16.324685]  cpu_startup_entry+0x30/0x6c  \n[   16.324687]  secondary_start_kernel+0x1a4/0x280  \n[   16.324688] ---[ end trace 6aa0bff672a964aa ]---  \n  \nSo don't auto enable misc vector when request irq.. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:07:13.000000Z"}, {"uuid": "706567b8-eef6-441f-af95-e668a7744d7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21650", "type": "seen", "source": "https://t.me/cvedetector/15823", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21650 - \"Huawei Hns3 Overwrite Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-21650 \nPublished : Jan. 19, 2025, 11:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue  \n  \nThe TQP BAR space is divided into two segments. TQPs 0-1023 and TQPs  \n1024-1279 are in different BAR space addresses. However,  \nhclge_fetch_pf_reg does not distinguish the tqp space information when  \nreading the tqp space information. When the number of TQPs is greater  \nthan 1024, access bar space overwriting occurs.  \nThe problem of different segments has been considered during the  \ninitialization of tqp.io_base. Therefore, tqp.io_base is directly used  \nwhen the queue is read in hclge_fetch_pf_reg.  \n  \nThe error message:  \n  \nUnable to handle kernel paging request at virtual address ffff800037200000  \npc : hclge_fetch_pf_reg+0x138/0x250 [hclge]  \nlr : hclge_get_regs+0x84/0x1d0 [hclge]  \nCall trace:  \n hclge_fetch_pf_reg+0x138/0x250 [hclge]  \n hclge_get_regs+0x84/0x1d0 [hclge]  \n hns3_get_regs+0x2c/0x50 [hns3]  \n ethtool_get_regs+0xf4/0x270  \n dev_ethtool+0x674/0x8a0  \n dev_ioctl+0x270/0x36c  \n sock_do_ioctl+0x110/0x2a0  \n sock_ioctl+0x2ac/0x530  \n __arm64_sys_ioctl+0xa8/0x100  \n invoke_syscall+0x4c/0x124  \n el0_svc_common.constprop.0+0x140/0x15c  \n do_el0_svc+0x30/0xd0  \n el0_svc+0x1c/0x2c  \n el0_sync_handler+0xb0/0xb4  \n el0_sync+0x168/0x180 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:07:07.000000Z"}, {"uuid": "53f41715-5298-43b5-b021-4e3d07384e8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113854836206104794", "content": "", "creation_timestamp": "2025-01-19T11:42:09.863310Z"}, {"uuid": "c1092663-d412-41bc-9fcb-476da8df7ceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21652", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113854836220751391", "content": "", "creation_timestamp": "2025-01-19T11:42:10.327455Z"}, {"uuid": "fbbb8f3b-a25e-4ae4-8781-885792bcac57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21653", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113854836236363705", "content": "", "creation_timestamp": "2025-01-19T11:42:10.403717Z"}, {"uuid": "4d772391-bed1-4e0a-bdee-427b2ac01331", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21654", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113854836251427348", "content": "", "creation_timestamp": "2025-01-19T11:42:10.784767Z"}, {"uuid": "2bd96a14-6882-430f-817a-8c7858d865cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861018791594110", "content": "", "creation_timestamp": "2025-01-20T13:54:28.708679Z"}, {"uuid": "2bc277bf-7c99-43e5-b496-b3e5b099d1ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg6jmzuuxw27", "content": "", "creation_timestamp": "2025-01-20T14:15:54.965017Z"}, {"uuid": "2126c038-1b55-4ac4-8067-1ed6112dd38f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg6liqafqj2e", "content": "", "creation_timestamp": "2025-01-20T14:49:19.019130Z"}, {"uuid": "85ae6bba-f187-446a-8a8b-711f195c8989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "seen", "source": "Telegram/ii7D4YkGNSBdngjp6vaBfuvBkg3IJ08nBGeA8s3WIFBiu-h2", "content": "", "creation_timestamp": "2025-02-23T17:38:05.000000Z"}, {"uuid": "43118f69-a048-47e6-8d9b-39d76a019551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2165", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8795", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2165\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The SH Email Alert plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mid' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-03-26T02:23:49.139Z\n\ud83d\udccf Modified: 2025-03-26T02:23:49.139Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/dc20180b-4665-4ade-b512-b0f0148200e7?source=cve\n2. https://plugins.trac.wordpress.org/browser/sh-email-alert/tags/1.0/manage.php#L156\n3. https://wordpress.org/plugins/sh-email-alert/", "creation_timestamp": "2025-03-26T03:25:09.000000Z"}, {"uuid": "33fc4b88-6875-42f8-9b08-57afb49bd830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21659", "type": "seen", "source": "https://t.me/cvedetector/15942", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21659 - Apache Netlink NAPI Namespace Violation\", \n  \"Content\": \"CVE ID : CVE-2025-21659 \nPublished : Jan. 21, 2025, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnetdev: prevent accessing NAPI instances from another namespace  \n  \nThe NAPI IDs were not fully exposed to user space prior to the netlink  \nAPI, so they were never namespaced. The netlink API must ensure that  \nat the very least NAPI instance belongs to the same netns as the owner  \nof the genl sock.  \n  \nnapi_by_id() can become static now, but it needs to move because of  \ndev_get_by_napi_id(). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T15:17:23.000000Z"}, {"uuid": "cdb479af-7834-4503-97d5-93caef63b7f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21657", "type": "seen", "source": "https://t.me/cvedetector/15940", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21657 - Linux Kernel Sched Ext rq_lock Raw Spin Lock RQ Locking Weakness\", \n  \"Content\": \"CVE ID : CVE-2025-21657 \nPublished : Jan. 21, 2025, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nsched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()  \n  \nscx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks.  \nFor each CPU, it acquires a lock using rq_lock() regardless of whether  \na CPU is offline or the CPU is currently running a task in a higher  \nscheduler class (e.g., deadline). The rq_lock() is supposed to be used  \nfor online CPUs, and the use of rq_lock() may trigger an unnecessary  \nwarning in rq_pin_lock(). Therefore, replace rq_lock() to  \nraw_spin_rq_lock() in scx_ops_bypass().  \n  \nWithout this change, we observe the following warning:  \n  \n===== START =====  \n[    6.615205] rq->balance_callback && rq->balance_callback != &balance_push_callback  \n[    6.615208] WARNING: CPU: 2 PID: 0 at kernel/sched/sched.h:1730 __schedule+0x1130/0x1c90  \n=====  END  ===== \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T15:17:21.000000Z"}, {"uuid": "925e41d2-21d4-458f-88bc-c2c065fd0eb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21656", "type": "seen", "source": "https://t.me/cvedetector/15939", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21656 - Linux drivetemp SCSI Error Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21656 \nPublished : Jan. 21, 2025, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nhwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur  \n  \nscsi_execute_cmd() function can return both negative (linux codes) and  \npositive (scsi_cmnd result field) error codes.  \n  \nCurrently the driver just passes error codes of scsi_execute_cmd() to  \nhwmon core, which is incorrect because hwmon only checks for negative  \nerror codes. This leads to hwmon reporting uninitialized data to  \nuserspace in case of SCSI errors (for example if the disk drive was  \ndisconnected).  \n  \nThis patch checks scsi_execute_cmd() output and returns -EIO if it's  \nerror code is positive.  \n  \n[groeck: Avoid inline variable declaration for portability] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T15:17:20.000000Z"}, {"uuid": "2fb82ca2-e88a-4c78-88de-f70219f3411b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "seen", "source": "https://t.me/cvedetector/15887", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21655 - Linux Kernel io_uring EventFD RCU Refcount Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21655 \nPublished : Jan. 20, 2025, 2:15 p.m. | 31\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nio_uring/eventfd: ensure io_eventfd_signal() defers another RCU period  \n  \nio_eventfd_do_signal() is invoked from an RCU callback, but when  \ndropping the reference to the io_ev_fd, it calls io_eventfd_free()  \ndirectly if the refcount drops to zero. This isn't correct, as any  \npotential freeing of the io_ev_fd should be deferred another RCU grace  \nperiod.  \n  \nJust call io_eventfd_put() rather than open-code the dec-and-test and  \nfree, which will correctly defer it another RCU grace period. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-20T15:52:49.000000Z"}, {"uuid": "b6dd1b76-ee86-480f-9fa0-6a4e432e913d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21653", "type": "seen", "source": "https://t.me/cvedetector/15843", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21653 - Linux Kernel net_sched cls_flow TCA_FLOW_RSHIFT Out-of-Bounds Shift Discipline Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21653 \nPublished : Jan. 19, 2025, 11:15 a.m. | 45\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute  \n  \nsyzbot found that TCA_FLOW_RSHIFT attribute was not validated.  \nRight shitfing a 32bit integer is undefined for large shift values.  \n  \nUBSAN: shift-out-of-bounds in net/sched/cls_flow.c:329:23  \nshift exponent 9445 is too large for 32-bit type 'u32' (aka 'unsigned int')  \nCPU: 1 UID: 0 PID: 54 Comm: kworker/u8:3 Not tainted 6.13.0-rc3-syzkaller-00180-g4f619d518db9 #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024  \nWorkqueue: ipv6_addrconf addrconf_dad_work  \nCall Trace:  \n   \n  __dump_stack lib/dump_stack.c:94 [inline]  \n  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120  \n  ubsan_epilogue lib/ubsan.c:231 [inline]  \n  __ubsan_handle_shift_out_of_bounds+0x3c8/0x420 lib/ubsan.c:468  \n  flow_classify+0x24d5/0x25b0 net/sched/cls_flow.c:329  \n  tc_classify include/net/tc_wrapper.h:197 [inline]  \n  __tcf_classify net/sched/cls_api.c:1771 [inline]  \n  tcf_classify+0x420/0x1160 net/sched/cls_api.c:1867  \n  sfb_classify net/sched/sch_sfb.c:260 [inline]  \n  sfb_enqueue+0x3ad/0x18b0 net/sched/sch_sfb.c:318  \n  dev_qdisc_enqueue+0x4b/0x290 net/core/dev.c:3793  \n  __dev_xmit_skb net/core/dev.c:3889 [inline]  \n  __dev_queue_xmit+0xf0e/0x3f50 net/core/dev.c:4400  \n  dev_queue_xmit include/linux/netdevice.h:3168 [inline]  \n  neigh_hh_output include/net/neighbour.h:523 [inline]  \n  neigh_output include/net/neighbour.h:537 [inline]  \n  ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236  \n  iptunnel_xmit+0x55d/0x9b0 net/ipv4/ip_tunnel_core.c:82  \n  udp_tunnel_xmit_skb+0x262/0x3b0 net/ipv4/udp_tunnel_core.c:173  \n  geneve_xmit_skb drivers/net/geneve.c:916 [inline]  \n  geneve_xmit+0x21dc/0x2d00 drivers/net/geneve.c:1039  \n  __netdev_start_xmit include/linux/netdevice.h:5002 [inline]  \n  netdev_start_xmit include/linux/netdevice.h:5011 [inline]  \n  xmit_one net/core/dev.c:3590 [inline]  \n  dev_hard_start_xmit+0x27a/0x7d0 net/core/dev.c:3606  \n  __dev_queue_xmit+0x1b73/0x3f50 net/core/dev.c:4434 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:08:08.000000Z"}, {"uuid": "fd7047a3-8c71-4cc8-a7c4-9732868e67c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21652", "type": "seen", "source": "https://t.me/cvedetector/15841", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21652 - In the Linux kernel, the following vulnerability h\", \n  \"Content\": \"CVE ID : CVE-2025-21652 \nPublished : Jan. 19, 2025, 11:15 a.m. | 45\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nipvlan: Fix use-after-free in ipvlan_get_iflink().  \n  \nsyzbot presented an use-after-free report [0] regarding ipvlan and  \nlinkwatch.  \n  \nipvlan does not hold a refcnt of the lower device unlike vlan and  \nmacvlan.  \n  \nIf the linkwatch work is triggered for the ipvlan dev, the lower dev  \nmight have already been freed, resulting in UAF of ipvlan->phy_dev in  \nipvlan_get_iflink().  \n  \nWe can delay the lower dev unregistration like vlan and macvlan by  \nholding the lower dev's refcnt in dev->netdev_ops->ndo_init() and  \nreleasing it in dev->priv_destructor().  \n  \nJakub pointed out calling .ndo_XXX after unregister_netdevice() has  \nreturned is error prone and suggested [1] addressing this UAF in the  \ncore by taking commit 750e51603395 (\"net: avoid potential UAF in  \ndefault_operstate()\") further.  \n  \nLet's assume unregistering devices DOWN and use RCU protection in  \ndefault_operstate() not to race with the device unregistration.  \n  \n[0]:  \nBUG: KASAN: slab-use-after-free in ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353  \nRead of size 4 at addr ffff0000d768c0e0 by task kworker/u8:35/6944  \n  \nCPU: 0 UID: 0 PID: 6944 Comm: kworker/u8:35 Not tainted 6.13.0-rc2-g9bc5c9515b48 #12 4c3cb9e8b4565456f6a355f312ff91f4f29b3c47  \nHardware name: linux,dummy-virt (DT)  \nWorkqueue: events_unbound linkwatch_event  \nCall trace:  \n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:484 (C)  \n __dump_stack lib/dump_stack.c:94 [inline]  \n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120  \n print_address_description mm/kasan/report.c:378 [inline]  \n print_report+0x16c/0x6f0 mm/kasan/report.c:489  \n kasan_report+0xc0/0x120 mm/kasan/report.c:602  \n __asan_report_load4_noabort+0x20/0x30 mm/kasan/report_generic.c:380  \n ipvlan_get_iflink+0x84/0x88 drivers/net/ipvlan/ipvlan_main.c:353  \n dev_get_iflink+0x7c/0xd8 net/core/dev.c:674  \n default_operstate net/core/link_watch.c:45 [inline]  \n rfc2863_policy+0x144/0x360 net/core/link_watch.c:72  \n linkwatch_do_dev+0x60/0x228 net/core/link_watch.c:175  \n __linkwatch_run_queue+0x2f4/0x5b8 net/core/link_watch.c:239  \n linkwatch_event+0x64/0xa8 net/core/link_watch.c:282  \n process_one_work+0x700/0x1398 kernel/workqueue.c:3229  \n process_scheduled_works kernel/workqueue.c:3310 [inline]  \n worker_thread+0x8c4/0xe10 kernel/workqueue.c:3391  \n kthread+0x2b0/0x360 kernel/kthread.c:389  \n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:862  \n  \nAllocated by task 9303:  \n kasan_save_stack mm/kasan/common.c:47 [inline]  \n kasan_save_track+0x30/0x68 mm/kasan/common.c:68  \n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568  \n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]  \n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394  \n kasan_kmalloc include/linux/kasan.h:260 [inline]  \n __do_kmalloc_node mm/slub.c:4283 [inline]  \n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4289  \n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:650  \n alloc_netdev_mqs+0xb4/0x1118 net/core/dev.c:11209  \n rtnl_create_link+0x2b8/0xb60 net/core/rtnetlink.c:3595  \n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3771  \n __rtnl_newlink net/core/rtnetlink.c:3896 [inline]  \n rtnl_newlink+0x122c/0x15c0 net/core/rtnetlink.c:4011  \n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6901  \n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2542  \n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6928  \n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]  \n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1347  \n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1891  \n sock_sendmsg_nosec net/socket.c:711 [inline]  \n __sock_sendmsg net/socket.c:726 [inline]  \n __sys_sendto+0x2ec/0x438 net/socket.c:2197  \n __do_sys_sendto net/socket.c:2204 [inline]  \n __se_sys_sendto[...]", "creation_timestamp": "2025-01-19T13:07:29.000000Z"}, {"uuid": "94f76e9d-a936-4656-9eae-9fd8b6d26fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21654", "type": "seen", "source": "https://t.me/cvedetector/15840", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21654 - \"Linux Kernel: OverlayFS Fid Encoding Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-21654 \nPublished : Jan. 19, 2025, 11:15 a.m. | 45\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \novl: support encoding fid from inode with no alias  \n  \nDmitry Safonov reported that a WARN_ON() assertion can be trigered by  \nuserspace when calling inotify_show_fdinfo() for an overlayfs watched  \ninode, whose dentry aliases were discarded with drop_caches.  \n  \nThe WARN_ON() assertion in inotify_show_fdinfo() was removed, because  \nit is possible for encoding file handle to fail for other reason, but  \nthe impact of failing to encode an overlayfs file handle goes beyond  \nthis assertion.  \n  \nAs shown in the LTP test case mentioned in the link below, failure to  \nencode an overlayfs file handle from a non-aliased inode also leads to  \nfailure to report an fid with FAN_DELETE_SELF fanotify events.  \n  \nAs Dmitry notes in his analyzis of the problem, ovl_encode_fh() fails  \nif it cannot find an alias for the inode, but this failure can be fixed.  \novl_encode_fh() seldom uses the alias and in the case of non-decodable  \nfile handles, as is often the case with fanotify fid info,  \novl_encode_fh() never needs to use the alias to encode a file handle.  \n  \nDefer finding an alias until it is actually needed so ovl_encode_fh()  \nwill not fail in the common case of FAN_DELETE_SELF fanotify events. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-19T13:07:28.000000Z"}, {"uuid": "6cbcf262-a57c-4005-88da-f4b6e197a7d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21657", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgawqxw2b62h", "content": "", "creation_timestamp": "2025-01-21T13:16:05.355085Z"}, {"uuid": "f8a451be-b98b-4426-86ff-022a45980fdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgay2uc7jx2b", "content": "", "creation_timestamp": "2025-01-21T13:39:36.147736Z"}, {"uuid": "067a5203-7195-4ac6-91af-d4e5173a3113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21656", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866460089615742", "content": "", "creation_timestamp": "2025-01-21T12:58:16.410033Z"}, {"uuid": "e96ebbda-a667-4b37-9651-73cf9e34cc89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21657", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866460104161830", "content": "", "creation_timestamp": "2025-01-21T12:58:16.782368Z"}, {"uuid": "c44a7e8a-2012-4e31-9b5b-7090a6706ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgawr2cbtx27", "content": "", "creation_timestamp": "2025-01-21T13:16:07.740781Z"}, {"uuid": "12c07e22-5c3b-445a-92ff-80a0facaeb5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21659", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgay2tkkys2g", "content": "", "creation_timestamp": "2025-01-21T13:39:33.373364Z"}, {"uuid": "951ece14-779f-4831-8ae5-39e13a00b8fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21657", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgay2to2q22u", "content": "", "creation_timestamp": "2025-01-21T13:39:33.863407Z"}, {"uuid": "b6df2e4c-3809-4320-a684-c2efad25337d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21659", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866460133660273", "content": "", "creation_timestamp": "2025-01-21T12:58:17.225461Z"}, {"uuid": "e350fd70-91f5-4c8c-9683-c167c3c00126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866460119828770", "content": "", "creation_timestamp": "2025-01-21T12:58:17.289186Z"}, {"uuid": "7be1e90a-b438-4a2a-89a5-d3964cfc0c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21656", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgawqv6i4f2b", "content": "", "creation_timestamp": "2025-01-21T13:16:02.375016Z"}, {"uuid": "cfb6919e-bdba-4ec7-b973-4de347beaa64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21659", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgawr4gzkt2n", "content": "", "creation_timestamp": "2025-01-21T13:16:10.014214Z"}, {"uuid": "29f60fac-6c38-47a6-aaf4-4da1e401be57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21656", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgay2tdegt2h", "content": "", "creation_timestamp": "2025-01-21T13:39:32.189989Z"}, {"uuid": "18e3d326-b13c-484f-a664-a3a8b59d9f6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21650", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3p4ryjpx2h", "content": "", "creation_timestamp": "2025-01-19T11:16:13.391546Z"}, {"uuid": "7da7fe1d-6b60-497b-b2b1-637ae231afde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3p4udn322t", "content": "", "creation_timestamp": "2025-01-19T11:16:15.865190Z"}, {"uuid": "a5bda7fc-16e8-4f21-b80a-70c349b047fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21652", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3p4x2p7c2t", "content": "", "creation_timestamp": "2025-01-19T11:16:18.415738Z"}, {"uuid": "6dc63748-6c47-4142-9a6b-705e5e690048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21653", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3p4zraom2w", "content": "", "creation_timestamp": "2025-01-19T11:16:21.289158Z"}, {"uuid": "960e1328-41c6-4a70-ad28-d6bad2642412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21654", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg3p53yxpx27", "content": "", "creation_timestamp": "2025-01-19T11:16:23.736555Z"}, {"uuid": "c12b8ca3-e952-4537-b5ca-10b54f04b3be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21650", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113854777207343821", "content": "", "creation_timestamp": "2025-01-19T11:27:09.840998Z"}, {"uuid": "1cd836eb-3c83-4a02-9526-8e38ea1a4ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "a09e6198-f372-483b-be0f-58d0c94ae70e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21656", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "575319a4-8ed7-4ba7-a00a-fbc7dacf5557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "26745b07-1f44-42c7-ba8c-3e708cfda934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0398/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "9f350dc6-4a3d-4abf-a51c-cc89652d96d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2359", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21655\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/eventfd: ensure io_eventfd_signal() defers another RCU period\n\nio_eventfd_do_signal() is invoked from an RCU callback, but when\ndropping the reference to the io_ev_fd, it calls io_eventfd_free()\ndirectly if the refcount drops to zero. This isn't correct, as any\npotential freeing of the io_ev_fd should be deferred another RCU grace\nperiod.\n\nJust call io_eventfd_put() rather than open-code the dec-and-test and\nfree, which will correctly defer it another RCU grace period.\n\ud83d\udccf Published: 2025-01-20T13:48:40.544Z\n\ud83d\udccf Modified: 2025-01-20T13:48:40.544Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/6b63308c28987c6010b1180c72a6db4df6c68033\n2. https://git.kernel.org/stable/c/8efff2aa2d95dc437ab67c5b4a9f1d3f367baa10\n3. https://git.kernel.org/stable/c/a7085c3ae43b86d4b3d1b8275e6a67f14257e3b7\n4. https://git.kernel.org/stable/c/c9a40292a44e78f71258b8522655bffaf5753bdb", "creation_timestamp": "2025-01-20T13:59:23.000000Z"}, {"uuid": "39d5f6b6-1f3a-4abc-a339-f77cd898461c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5084", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21655\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/eventfd: ensure io_eventfd_signal() defers another RCU period\n\nio_eventfd_do_signal() is invoked from an RCU callback, but when\ndropping the reference to the io_ev_fd, it calls io_eventfd_free()\ndirectly if the refcount drops to zero. This isn't correct, as any\npotential freeing of the io_ev_fd should be deferred another RCU grace\nperiod.\n\nJust call io_eventfd_put() rather than open-code the dec-and-test and\nfree, which will correctly defer it another RCU grace period.\n\ud83d\udccf Published: 2025-01-20T13:48:40.544Z\n\ud83d\udccf Modified: 2025-02-23T07:15:02.767Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/6b63308c28987c6010b1180c72a6db4df6c68033\n2. https://git.kernel.org/stable/c/8efff2aa2d95dc437ab67c5b4a9f1d3f367baa10\n3. https://git.kernel.org/stable/c/a7085c3ae43b86d4b3d1b8275e6a67f14257e3b7\n4. https://git.kernel.org/stable/c/c9a40292a44e78f71258b8522655bffaf5753bdb\n5. https://project-zero.issues.chromium.org/issues/388499293", "creation_timestamp": "2025-02-23T07:24:30.000000Z"}, {"uuid": "7e261abc-a1c8-44ed-8d41-a84b7ddbb88e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://t.me/cvedetector/15941", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21658 - Linux Btrfs NULL Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21658 \nPublished : Jan. 21, 2025, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbtrfs: avoid NULL pointer dereference if no valid extent tree  \n  \n[BUG]  \nSyzbot reported a crash with the following call trace:  \n  \n  BTRFS info (device loop0): scrub: started on devid 1  \n  BUG: kernel NULL pointer dereference, address: 0000000000000208  \n  #PF: supervisor read access in kernel mode  \n  #PF: error_code(0x0000) - not-present page  \n  PGD 106e70067 P4D 106e70067 PUD 107143067 PMD 0  \n  Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI  \n  CPU: 1 UID: 0 PID: 689 Comm: repro Kdump: loaded Tainted: G           O       6.13.0-rc4-custom+ #206  \n  Tainted: [O]=OOT_MODULE  \n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 02/02/2022  \n  RIP: 0010:find_first_extent_item+0x26/0x1f0 [btrfs]  \n  Call Trace:  \n     \n   scrub_find_fill_first_stripe+0x13d/0x3b0 [btrfs]  \n   scrub_simple_mirror+0x175/0x260 [btrfs]  \n   scrub_stripe+0x5d4/0x6c0 [btrfs]  \n   scrub_chunk+0xbb/0x170 [btrfs]  \n   scrub_enumerate_chunks+0x2f4/0x5f0 [btrfs]  \n   btrfs_scrub_dev+0x240/0x600 [btrfs]  \n   btrfs_ioctl+0x1dc8/0x2fa0 [btrfs]  \n   ? do_sys_openat2+0xa5/0xf0  \n   __x64_sys_ioctl+0x97/0xc0  \n   do_syscall_64+0x4f/0x120  \n   entry_SYSCALL_64_after_hwframe+0x76/0x7e  \n     \n  \n[CAUSE]  \nThe reproducer is using a corrupted image where extent tree root is  \ncorrupted, thus forcing to use \"rescue=all,ro\" mount option to mount the  \nimage.  \n  \nThen it triggered a scrub, but since scrub relies on extent tree to find  \nwhere the data/metadata extents are, scrub_find_fill_first_stripe()  \nrelies on an non-empty extent root.  \n  \nBut unfortunately scrub_find_fill_first_stripe() doesn't really expect  \nan NULL pointer for extent root, it use extent_root to grab fs_info and  \ntriggered a NULL pointer dereference.  \n  \n[FIX]  \nAdd an extra check for a valid extent root at the beginning of  \nscrub_find_fill_first_stripe().  \n  \nThe new error path is introduced by 42437a6386ff (\"btrfs: introduce  \nmount option rescue=ignorebadroots\"), but that's pretty old, and later  \ncommit b979547513ff (\"btrfs: scrub: introduce helper to find and fill  \nsector info for a scrub_stripe\") changed how we do scrub.  \n  \nSo for kernels older than 6.6, the fix will need manual backport. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T15:17:22.000000Z"}, {"uuid": "d3840cb0-b64f-4817-9d18-1c20e213e5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "published-proof-of-concept", "source": "Telegram/nHS0XScXforDrXl5voBaqPDObiEW1keH88ZzbYw4M7lx_JM", "content": "", "creation_timestamp": "2025-02-22T08:00:05.000000Z"}]}