Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-21953 |
Description: In the Linux kernel, the following vulnerability has been resolved:
net: mana: cleanup mana struct after debugfs_remove()
When on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),
mana_gd_suspend() and mana_gd_resume() are called. If during this
mana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs
pointer does not get reinitialized and ends up pointing to older,
cleaned-up dentry.
Further in the hibernation path, as part of power_down(), mana_gd_shutdown()
is triggered. This call, unaware of the failures in resume, tries to cleanup
the already cleaned up mana_port_debugfs value and hits the following bug:
[ 191.359296] mana 7870:00:00.0: Shutdown was called
[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098
[ 191.360584] #PF: supervisor write access in kernel mode
[ 191.361125] #PF: error_code(0x0002) - not-present page
[ 191.361727] PGD 1080ea067 P4D 0
[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI
[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2
[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024
[ 191.364124] RIP: 0010:down_write+0x19/0x50
[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d
[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS...
EPSS Score: 0.01%
April 1st, 2025 (2 months ago)
|
|
April 1st, 2025 (2 months ago)
|
|
Description: Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. [...]
March 31st, 2025 (2 months ago)
|
|
Description: In the latest Windows 11 Insider Preview Build 26200.5516, Microsoft has removed the ability to install the operating system without both internet connectivity and a Microsoft account, effectively eliminating a long-standing workaround that allowed local account setups during installation. The change was first spotted by security researcher Will Dormann, who noted that Microsoft has removed …
The post Windows 11 Installations to Require Internet Connection and Microsoft Account appeared first on CyberInsider.
March 31st, 2025 (2 months ago)
|
|
Description: Microsoft has begun testing a new Windows 11 tool called Quick Machine Recovery, which is designed to remotely deploy fixes for buggy drivers and configurations that prevent the operating system from starting. [...]
March 30th, 2025 (2 months ago)
|
|
Description: Microsoft has removed the 'BypassNRO.cmd' script from Windows 11 preview builds, which allowed users to bypass the requirement to use a Microsoft Account when installing the operating system. [...]
March 30th, 2025 (2 months ago)
|
|
Description: Microsoft resolved an issue that caused the new Outlook email client to crash when users clicked a button designed to switch back to classic Outlook. [...]
March 28th, 2025 (2 months ago)
|
|
Description: Microsoft has fixed a known issue that caused problems with Remote Desktop and RDS connections after installing Windows updates released since January 2025. [...]
March 28th, 2025 (2 months ago)
|
|
Description: The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. [...]
March 27th, 2025 (2 months ago)
|
|
CVE-2025-2783 |
Description: Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
EPSS Score: 2.01%
March 27th, 2025 (2 months ago)
|