{"vulnerability": "cve-2025-2201", "sightings": [{"uuid": "40cfe290-4bd4-4736-9736-117c0cf4e9bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2201", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:35.000000Z"}, {"uuid": "f944d3e0-d1f4-496b-8334-0f3007414ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22019", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "44cfd427-d71a-4f58-801f-549e0c36659c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22015", "type": "seen", "source": "https://t.me/cvedetector/22446", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22015 - Linux Kernel Shmem Xarray Update Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22015 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmm/migrate: fix shmem xarray update during migration \n \nA shmem folio can be either in page cache or in swap cache, but not at the \nsame time. Namely, once it is in swap cache, folio->mapping should be \nNULL, and the folio is no longer in a shmem mapping. \n \nIn __folio_migrate_mapping(), to determine the number of xarray entries to \nupdate, folio_test_swapbacked() is used, but that conflates shmem in page \ncache case and shmem in swap cache case. It leads to xarray multi-index \nentry corruption, since it turns a sibling entry to a normal entry during \nxas_store() (see [1] for a userspace reproduction). Fix it by only using \nfolio_test_swapcache() to determine whether xarray is storing swap cache \nentries or not to choose the right number of xarray entries to update. \n \n[1] \n \nNote: \nIn __split_huge_page(), folio_test_anon() && folio_test_swapcache() is \nused to get swap_cache address space, but that ignores the shmem folio in \nswap cache case. It could lead to NULL pointer dereferencing when a \nin-swap-cache shmem folio is split at __xa_store(), since \n!folio_test_anon() is true and folio->mapping is NULL. But fortunately, \nits caller split_huge_page_to_list_to_order() bails out early with EBUSY \nwhen folio->mapping is NULL. So no need to take care of it here. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T13:59:56.000000Z"}, {"uuid": "75cd35d0-27fc-41cb-83c3-ac5469f9a5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22017", "type": "seen", "source": "https://t.me/cvedetector/22445", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22017 - Linux kernel devlink XA-Alloc Cyclic Off-by-Error\", \n \"Content\": \"CVE ID : CVE-2025-22017 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndevlink: fix xa_alloc_cyclic() error handling \n \nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will \nbe returned, which will cause IS_ERR() to be false. Which can lead to \ndereference not allocated pointer (rel). \n \nFix it by checking if err is lower than zero. \n \nThis wasn't found in real usecase, only noticed. Credit to Pierre. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T13:59:55.000000Z"}, {"uuid": "4785ed82-8236-4237-b9e3-ec33b03e3973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22014", "type": "seen", "source": "https://t.me/cvedetector/22451", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22014 - Linux Kernel Qcom PDR Deadlock Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22014 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nsoc: qcom: pdr: Fix the potential deadlock \n \nWhen some client process A call pdr_add_lookup() to add the look up for \nthe service and does schedule locator work, later a process B got a new \nserver packet indicating locator is up and call pdr_locator_new_server() \nwhich eventually sets pdr->locator_init_complete to true which process A \nsees and takes list lock and queries domain list but it will timeout due \nto deadlock as the response will queued to the same qmi->wq and it is \nordered workqueue and process B is not able to complete new server \nrequest work due to deadlock on list lock. \n \nFix it by removing the unnecessary list iteration as the list iteration \nis already being done inside locator work, so avoid it here and just \ncall schedule_work() here. \n \n Process A Process B \n \n process_scheduled_works() \npdr_add_lookup() qmi_data_ready_work() \n process_scheduled_works() pdr_locator_new_server() \n pdr->locator_init_complete=true; \n pdr_locator_work() \n mutex_lock(&pdr->list_lock); \n \n pdr_locate_service() mutex_lock(&pdr->list_lock); \n \n pdr_get_domain_list() \n pr_err(\"PDR: %s get domain list \n txn wait failed: %d\\n\", \n req->service_name, \n ret); \n \nTimeout error log due to deadlock: \n \n\" \n PDR: tms/servreg get domain list txn wait failed: -110 \n PDR: service lookup for msm/adsp/sensor_pd:tms/servreg failed: -110 \n\" \n \nThanks to Bjorn and Johan for letting me know that this commit also fixes \nan audio regression when using the in-kernel pd-mapper as that makes it \neasier to hit this race. [1] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T14:00:03.000000Z"}, {"uuid": "c6a00747-27dc-4199-aa1c-14a79b0eea8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22013", "type": "seen", "source": "https://t.me/cvedetector/22450", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22013 - KVM: arm64: FPSIMD/SVE/SME State Eager Save and Flush Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22013 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state \n \nThere are several problems with the way hyp code lazily saves the host's \nFPSIMD/SVE state, including: \n \n* Host SVE being discarded unexpectedly due to inconsistent \n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to \n result in QEMU crashes where SVE is used by memmove(), as reported by \n Eric Auger: \n \n \n \n* Host SVE state is discarded *after* modification by ptrace, which was an \n unintentional ptrace ABI change introduced with lazy discarding of SVE state. \n \n* The host FPMR value can be discarded when running a non-protected VM, \n where FPMR support is not exposed to a VM, and that VM uses \n FPSIMD/SVE. In these cases the hyp code does not save the host's FPMR \n before unbinding the host's FPSIMD/SVE/SME state, leaving a stale \n value in memory. \n \nAvoid these by eagerly saving and \"flushing\" the host's FPSIMD/SVE/SME \nstate when loading a vCPU such that KVM does not need to save any of the \nhost's FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is \nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is \nplaced in kvm_arch_vcpu_load_fp(). As 'fpsimd_state' and 'fpmr_ptr' \nshould not be used, they are set to NULL; all uses of these will be \nremoved in subsequent patches. \n \nHistorical problems go back at least as far as v5.17, e.g. erroneous \nassumptions about TIF_SVE being clear in commit: \n \n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\") \n \n... and so this eager save+flush probably needs to be backported to ALL \nstable trees. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T14:00:02.000000Z"}, {"uuid": "2f67abfa-f8ca-48a7-9a78-b8f0a84c7794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2201", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lklcf3z2gi2x", "content": "", "creation_timestamp": "2025-03-17T13:51:37.799557Z"}, {"uuid": "fa2f3f01-43aa-4f10-85ab-95009894a088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22018", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmvyq6oj6e2a", "content": "", "creation_timestamp": "2025-04-16T06:48:30.845784Z"}, {"uuid": "98716010-d3bf-48c0-bdd2-4ade3271ac25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22018", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lnafpwdvic2b", "content": "", "creation_timestamp": "2025-04-20T10:07:40.437384Z"}, {"uuid": "ac7e7ff9-d01b-4b25-aa5b-301b293d15de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22010", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "72c835e4-ee42-404a-938c-64eaff896b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2201", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7753", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2201\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Broken access control vulnerability in the IcProgress Innovaci\u00f3n y Cualificaci\u00f3n plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more.\n\ud83d\udccf Published: 2025-03-17T10:13:48.361Z\n\ud83d\udccf Modified: 2025-03-17T10:15:07.196Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-moodle-innovacion-y-cualificacion-plugins", "creation_timestamp": "2025-03-17T10:54:24.000000Z"}, {"uuid": "23d3c84f-fee1-4e03-a41d-22b454ed78d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10893", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22016\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (pin).\n\nFix it by checking if err is lower than zero.\n\nThis wasn't found in real usecase, only noticed. Credit to Pierre.\n\ud83d\udccf Published: 2025-04-08T08:18:05.907Z\n\ud83d\udccf Modified: 2025-04-08T08:18:05.907Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/cb2f8a5c1fd9e7a1fefa23afe20570e16da1ada4\n2. https://git.kernel.org/stable/c/4d350043be684762e581d9bdd32d543621d01a9c\n3. https://git.kernel.org/stable/c/3614bf90130d60f191a5fe218d04f6251c678e13", "creation_timestamp": "2025-04-08T08:47:01.000000Z"}, {"uuid": "9f6f5ae8-ea69-4b4d-ba81-596ecd42a945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22017", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10892", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22017\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (rel).\n\nFix it by checking if err is lower than zero.\n\nThis wasn't found in real usecase, only noticed. Credit to Pierre.\n\ud83d\udccf Published: 2025-04-08T08:18:06.575Z\n\ud83d\udccf Modified: 2025-04-08T08:18:06.575Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/f8aaa38cfaf6f20afa4db36b6529032fb69165dc\n2. https://git.kernel.org/stable/c/466132f6d28a7e47a82501fe1c46b8f90487412e\n3. https://git.kernel.org/stable/c/f3b97b7d4bf316c3991e5634c9f4847c2df35478", "creation_timestamp": "2025-04-08T08:47:00.000000Z"}, {"uuid": "acdc2308-4133-446d-85dc-0abd9995ee33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22012", "type": "seen", "source": "https://t.me/cvedetector/22449", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22012 - Lenovo Yoga C630 ARM64 Pagetable Walker Coherency Lockup Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22012 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nRevert \"arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on apps_smmu\" \n \nThere are reports that the pagetable walker cache coherency is not a \ngiven across the spectrum of SDM845/850 devices, leading to lock-ups \nand resets. It works fine on some devices (like the Dragonboard 845c, \nbut not so much on the Lenovo Yoga C630). \n \nThis unfortunately looks like a fluke in firmware development, where \nlikely somewhere in the vast hypervisor stack, a change to accommodate \nfor this was only introduced after the initial software release (which \noften serves as a baseline for products). \n \nRevert the change to avoid additional guesswork around crashes. \n \nThis reverts commit 6b31a9744b8726c69bb0af290f8475a368a4b805. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T14:00:01.000000Z"}, {"uuid": "f5596d80-b40b-4c99-a236-1889c0f91ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22011", "type": "seen", "source": "https://t.me/cvedetector/22448", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22011 - Raspberry Pi ARM Linux Kernel USB Power Management Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22011 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nARM: dts: bcm2711: Fix xHCI power-domain \n \nDuring s2idle tests on the Raspberry CM4 the VPU firmware always crashes \non xHCI power-domain resume: \n \nroot@raspberrypi:/sys/power# echo freeze > state \n[ 70.724347] xhci_suspend finished \n[ 70.727730] xhci_plat_suspend finished \n[ 70.755624] bcm2835-power bcm2835-power: Power grafx off \n[ 70.761127] USB: Set power to 0 \n \n[ 74.653040] USB: Failed to set power to 1 (-110) \n \nThis seems to be caused because of the mixed usage of \nraspberrypi-power and bcm2835-power at the same time. So avoid \nthe usage of the VPU firmware power-domain driver, which \nprevents the VPU crash. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T13:59:57.000000Z"}, {"uuid": "e5ca7719-a543-42d7-b75c-a1d02d2da350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22016", "type": "seen", "source": "https://t.me/cvedetector/22447", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22016 - Linux Kernel dpll XA Allocation Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22016 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ndpll: fix xa_alloc_cyclic() error handling \n \nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will \nbe returned, which will cause IS_ERR() to be false. Which can lead to \ndereference not allocated pointer (pin). \n \nFix it by checking if err is lower than zero. \n \nThis wasn't found in real usecase, only noticed. Credit to Pierre. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T13:59:57.000000Z"}, {"uuid": "806433d5-b834-412e-a30a-e9c8e38cba0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22018", "type": "seen", "source": "https://t.me/cvedetector/23055", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22018 - Linux ATM NULL Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22018 \nPublished : April 16, 2025, 5:15 a.m. | 2\u00a0hours, 12\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \natm: Fix NULL pointer dereference \n \nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger \nNull Pointer Dereference Vulnerability if both entry and \nholding_time are NULL. Because there is only for the situation \nwhere entry is NULL and holding_time exists, it can be passed \nwhen both entry and holding_time are NULL. If these are NULL, \nthe entry will be passd to eg_cache_put() as parameter and \nit is referenced by entry->use code in it. \n \nkasan log: \n \n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I \n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] \n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102 \n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 \n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470 \n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80 \n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006 \n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e \n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030 \n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88 \n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15 \n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068 \n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000 \n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0 \n[ 3.326430] Call Trace: \n[ 3.326725] \n[ 3.326927] ? die_addr+0x3c/0xa0 \n[ 3.327330] ? exc_general_protection+0x161/0x2a0 \n[ 3.327662] ? asm_exc_general_protection+0x26/0x30 \n[ 3.328214] ? vprintk_emit+0x15e/0x420 \n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470 \n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470 \n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10 \n[ 3.329664] ? console_unlock+0x107/0x1d0 \n[ 3.329946] ? __pfx_console_unlock+0x10/0x10 \n[ 3.330283] ? do_syscall_64+0xa6/0x1a0 \n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f \n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10 \n[ 3.331395] ? down_trylock+0x52/0x80 \n[ 3.331703] ? vprintk_emit+0x15e/0x420 \n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10 \n[ 3.332279] ? down_trylock+0x52/0x80 \n[ 3.332527] ? _printk+0xbf/0x100 \n[ 3.332762] ? __pfx__printk+0x10/0x10 \n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0 \n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10 \n[ 3.333614] msg_from_mpoad+0x1185/0x2750 \n[ 3.333893] ? __build_skb_around+0x27b/0x3a0 \n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10 \n[ 3.334501] ? __alloc_skb+0x1c0/0x310 \n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10 \n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0 \n[ 3.335632] ? finish_wait+0x8d/0x1e0 \n[ 3.335975] vcc_sendmsg+0x684/0xba0 \n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10 \n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10 \n[ 3.337056] ? fdget+0x176/0x3e0 \n[ 3.337348] __sys_sendto+0x4a2/0x510 \n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10 \n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400 \n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0 \n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20 \n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10 \n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10 \n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260 \n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0 \n[[...]", "creation_timestamp": "2025-04-16T10:10:34.000000Z"}, {"uuid": "d1c5e6bc-1a1a-412e-802f-d60b4258d6ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22019", "type": "seen", "source": "https://t.me/cvedetector/23071", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22019 - bcachefs Denial of Service and Privilege Escalation\", \n \"Content\": \"CVE ID : CVE-2025-22019 \nPublished : April 16, 2025, 11:15 a.m. | 14\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbcachefs: bch2_ioctl_subvolume_destroy() fixes \n \nbch2_evict_subvolume_inodes() was getting stuck - due to incorrectly \npruning the dcache. \n \nAlso, fix missing permissions checks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T13:31:22.000000Z"}, {"uuid": "8883be1d-4f8c-4966-aad9-4443c80aafc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2201", "type": "seen", "source": "https://t.me/cvedetector/20453", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2201 - IcProgress Innovaci\u00f3n y Cualificaci\u00f3n Plugin Access Control Bypass Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2201 \nPublished : March 17, 2025, 10:15 a.m. | 1\u00a0hour, 23\u00a0minutes ago \nDescription : Broken access control vulnerability in the IcProgress Innovaci\u00f3n y Cualificaci\u00f3n plugin. This vulnerability allows an attacker to obtain sensitive information about other users such as public IP addresses, messages with other users and more. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T13:17:06.000000Z"}, {"uuid": "b5314974-021e-4d01-b4b6-eb08a4d876a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22019", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12010", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22019\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nbcachefs: bch2_ioctl_subvolume_destroy() fixes\n\nbch2_evict_subvolume_inodes() was getting stuck - due to incorrectly\npruning the dcache.\n\nAlso, fix missing permissions checks.\n\ud83d\udccf Published: 2025-04-16T10:20:36.342Z\n\ud83d\udccf Modified: 2025-04-16T10:20:36.342Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/9e6e83e1e2d01b99e70cd7812d7f758a8def9fc8\n2. https://git.kernel.org/stable/c/82383abd39abd635511b8956284a5cc8134c4dc1\n3. https://git.kernel.org/stable/c/558317a5c61045d460a37372181e7b43c0c002bb\n4. https://git.kernel.org/stable/c/707549600c4a012ed71c0204a7992a679880bf33", "creation_timestamp": "2025-04-16T10:55:57.000000Z"}, {"uuid": "6988e4f3-2f8e-4ec2-af2f-74d75224fb58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22012", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114302162564110651", "content": "", "creation_timestamp": "2025-04-08T11:43:08.388663Z"}, {"uuid": "ccd416a3-8186-4534-8425-eb83771bb7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22017", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lmnyh2gblc2h", "content": "", "creation_timestamp": "2025-04-13T02:22:10.101543Z"}]}