Vulnerability intelligence

CVE-2025-38617 describes a race condition vulnerability found within the Linux kernel's networking subsystem. Specifically, the flaw occurs in the `net/packet` module during the interaction between the `packet_set_ring()` and `packet_notifier()` functions. The vulnerability arises when `packet_set_ring()` releases the `po->bind_lock`, which can allow a separate thread to execute `packet_notifier()` and process an `NETDEV_UP` event. This race condition is analogous to a previously addressed issue. The resolution involves temporarily setting `po->num` to zero, ensuring the socket remains unhooked until the lock is reacquired.

CVE-2025-43529 is a use-after-free vulnerability in WebKit that can be exploited by processing maliciously crafted web content. Google's Threat Analysis Group discovered this flaw. Apple has released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and Safari to address this vulnerability, as it may have been exploited in targeted attacks against specific individuals using versions of iOS before iOS 26. Devices impacted include iPhone 11 and later, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (8th generation and later), and iPad mini (5th generation and later).

CVE-2024-30085 is an elevation of privilege vulnerability found within the Windows Cloud Files Mini Filter Driver (cldflt.sys), a kernel-level component responsible for managing cloud file synchronization operations in Windows, particularly for services like OneDrive. The flaw is a heap-based buffer overflow (CWE-122) that occurs because the driver improperly validates the size of user-supplied data before copying it into a fixed-size buffer when processing reparse points. This vulnerability allows a local attacker with low-level privileges to exploit the system. By crafting a malicious application or script that interacts with the cldflt.sys driver, an attacker can trigger the buffer overflow, corrupting kernel heap memory. Successful exploitation can lead to privilege escalation, granting the attacker SYSTEM-level access and potentially full control over the affected machine.

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.  To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001  Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001

Memory corruption while using alignments for memory allocation.

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF