CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A new academic study has reverse-engineered WhatsApp's multi-device group messaging system, formally analyzing its security architecture and uncovering both strong protections and longstanding vulnerabilities. The study conducted by researchers at King's College London and the University of London offers the first comprehensive formal description of how WhatsApp handles encrypted group messaging across multiple devices — …
The post Weaknesses Discovered in WhatsApp’s Multi-Device Group Messaging appeared first on CyberInsider.
May 9th, 2025 (about 2 months ago)
|
|
Description: Months after paying a ransom to suppress the fallout of a major data breach, PowerSchool is facing renewed turmoil as threat actors have begun extorting individual school districts using the same stolen data. The company confirmed that this is not a new incident, but a resurgence tied to the December 2024 breach, with attackers re-leveraging …
The post PowerSchool Ransom Fallout: Extortion Attempts Hit Schools Months After Data Breach appeared first on CyberInsider.
May 9th, 2025 (about 2 months ago)
|
|
Description: 375K USD
May 9th, 2025 (about 2 months ago)
|
CVE-2025-37889 |
Description: In the Linux kernel, the following vulnerability has been resolved:
PCI/MSI: Handle the NOMASK flag correctly for all PCI/MSI backends
The conversion of the XEN specific global variable pci_msi_ignore_mask to a
MSI domain flag, missed the facts that:
1) Legacy architectures do not provide a interrupt domain
2) Parent MSI domains do not necessarily have a domain info attached
Both cases result in an unconditional NULL pointer dereference. This was
unfortunatly missed in review and testing revealed it late.
Cure this by using the existing pci_msi_domain_supports() helper, which
handles all possible cases correctly.
EPSS Score: 0.03%
May 9th, 2025 (about 2 months ago)
|
|
CVE-2025-37888 |
Description: In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()
Add NULL check for mlx5_get_flow_namespace() returns in
mlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent
NULL pointer dereference.
EPSS Score: 0.02%
May 9th, 2025 (about 2 months ago)
|
|
CVE-2025-37887 |
Description: In the Linux kernel, the following vulnerability has been resolved:
pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL command
the driver might at the least print garbage and at the worst
crash when the user runs the "devlink dev info" devlink command.
This happens because the stack variable fw_list is not 0
initialized which results in fw_list.num_fw_slots being a
garbage value from the stack. Then the driver tries to access
fw_list.fw_names[i] with i >= ARRAY_SIZE and runs off the end
of the array.
Fix this by initializing the fw_list and by not failing
completely if the devcmd fails because other useful information
is printed via devlink dev info even if the devcmd fails.
EPSS Score: 0.02%
May 9th, 2025 (about 2 months ago)
|
|
CVE-2025-37886 |
Description: In the Linux kernel, the following vulnerability has been resolved:
pds_core: make wait_context part of q_info
Make the wait_context a full part of the q_info struct rather
than a stack variable that goes away after pdsc_adminq_post()
is done so that the context is still available after the wait
loop has given up.
There was a case where a slow development firmware caused
the adminq request to time out, but then later the FW finally
finished the request and sent the interrupt. The handler tried
to complete_all() the completion context that had been created
on the stack in pdsc_adminq_post() but no longer existed.
This caused bad pointer usage, kernel crashes, and much wailing
and gnashing of teeth.
EPSS Score: 0.02%
May 9th, 2025 (about 2 months ago)
|
|
CVE-2025-37885 |
Description: In the Linux kernel, the following vulnerability has been resolved:
KVM: x86: Reset IRTE to host control if *new* route isn't postable
Restore an IRTE back to host control (remapped or posted MSI mode) if the
*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of
the GSI routing type. Updating the IRTE if and only if the new GSI is an
MSI results in KVM leaving an IRTE posting to a vCPU.
The dangling IRTE can result in interrupts being incorrectly delivered to
the guest, and in the worst case scenario can result in use-after-free,
e.g. if the VM is torn down, but the underlying host IRQ isn't freed.
EPSS Score: 0.03%
May 9th, 2025 (about 2 months ago)
|
|
CVE-2025-37884 |
Description: In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix deadlock between rcu_tasks_trace and event_mutex.
Fix the following deadlock:
CPU A
_free_event()
perf_kprobe_destroy()
mutex_lock(&event_mutex)
perf_trace_event_unreg()
synchronize_rcu_tasks_trace()
There are several paths where _free_event() grabs event_mutex
and calls sync_rcu_tasks_trace. Above is one such case.
CPU B
bpf_prog_test_run_syscall()
rcu_read_lock_trace()
bpf_prog_run_pin_on_cpu()
bpf_prog_load()
bpf_tracing_func_proto()
trace_set_clr_event()
mutex_lock(&event_mutex)
Delegate trace_set_clr_event() to workqueue to avoid
such lock dependency.
EPSS Score: 0.02%
May 9th, 2025 (about 2 months ago)
|
|
CVE-2025-37883 |
Description: In the Linux kernel, the following vulnerability has been resolved:
s390/sclp: Add check for get_zeroed_page()
Add check for the return value of get_zeroed_page() in
sclp_console_init() to prevent null pointer dereference.
Furthermore, to solve the memory leak caused by the loop
allocation, add a free helper to do the free job.
EPSS Score: 0.03%
May 9th, 2025 (about 2 months ago)
|