Security Vulnerabilities
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context. If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but not always, the case), the 'WARN_ON(in_irq)' in net/core/skbuff.c#skb_release_head_state() might be triggered, under network congestion circumstances, together with the potential risk of a NULL pointer dereference. The root cause of this issue is the call to kfree_skb() instead of dev_kfree_skb_irq() in net/core/dev.c#enqueue_to_backlog(). This patch prevents the skb from being freed within the call to netif_rx() by incrementing its reference count with skb_get(). The skb is finally freed by one of the in-irq-context safe functions: dev_consume_skb_any() or dev_kfree_skb_any(). The "any" version is used because some drivers might call can_get_echo_skb() in a normal context. The reason for this issue to occur is that initially, in the core network stack, loopback skb were not supposed to be received in hardware IRQ context. The CAN stack is an exception. This bug was previously reported back in 2017 in [1] but the proposed patch never got accepted. While [1] directly modifies net/core/dev.c, we try to propose here a smoother modification local to CAN network stack (the assumption behind is that only CAN devices are affected by this issue). [1] http://lore.kernel.org/r/57a3ffb6-3309-3ad5-5a34-e93c3fe3614d@cetitec.com
CVSS Score
5.5
EPSS Score
0.0
Published
2025-04-17
FOXCMS <= V1.25 is vulnerable to SQL Injection via $param['title'] in /admin/util/Field.php.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-04-17
Litepubl CMS <= 7.0.9 is vulnerable to RCE in admin/service/run.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-04-17
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.
CVSS Score
2.9
EPSS Score
0.0
Published
2025-04-17
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8.
CVSS Score
7.2
EPSS Score
0.002
Published
2025-04-17
In FOXCMS <=1.25, the installdb.php file has a time-based blind SQL injection vulnerability. The url_prefix, domain, and my_website POST parameters are directly concatenated into SQL statements without filtering.
CVSS Score
7.2
EPSS Score
0.0
Published
2025-04-17
In JetBrains Toolbox App before 2.6, the SSH plugin established connections without sufficient user confirmation.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-04-17
In JetBrains RubyMine before 2025.1, the remote interpreter overwrote ports to listen on all interfaces.
CVSS Score
8.3
EPSS Score
0.0
Published
2025-04-17
In JetBrains Toolbox App before 2.6, host key verification was missing in the SSH plugin.
CVSS Score
4.2
EPSS Score
0.0
Published
2025-04-17
In JetBrains Toolbox App before 2.6, unencrypted credential transmission during SSH authentication was possible.
CVSS Score
6.9
EPSS Score
0.0
Published
2025-04-17

