{"vulnerability": "CVE-2025-2173", "sightings": [{"uuid": "c518e021-481c-4776-b389-09e3a99d5deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2173", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk3sxleyjo24", "content": "", "creation_timestamp": "2025-03-11T10:05:40.265663Z"}, {"uuid": "e836982e-5a23-41b2-8af3-f686c2974214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21738", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "69454368-86fe-4573-992e-17afc9dc64ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21730", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "59de98f5-3218-4fb9-b5f7-fed408be0164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21732", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "bedac725-ec9c-46f9-9554-6eede81fae9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21734", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "574cf4ba-fd68-4d64-be3b-cf75316343fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21738", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "fcf8a8ca-95f9-4f42-b463-4a4bc976e801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21739", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "f3af58e0-4436-4e97-a6f2-5113e0497867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21734", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "955e1041-9a2b-42ac-a817-f32688feaed1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21735", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "945538ff-7b74-4f64-89e0-5643b3090402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21735", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "33900a59-98dc-4140-9736-3531fcffdc43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21738", "type": "seen", "source": 
"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0398/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "5cb1c05e-7539-474f-bac3-51865d648b76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2173", "type": "seen", "source": "https://t.me/cvedetector/20037", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2173 - Libzvbi Uninitialized Pointer Remote Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2173 \nPublished : March 11, 2025, 7:15 a.m. | 46\u00a0minutes ago \nDescription : A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. The patch is identified as 8def647eea27f7fd7ad33ff79c2d6d3e39948dce. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional. 
\nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T09:15:42.000000Z"}, {"uuid": "4e3c47ad-2301-48bb-a142-e3170c1d7828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21731", "type": "seen", "source": "https://t.me/cvedetector/18983", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21731 - \"Linux NBD Uninitialized Pointer Dereference\"\", \n  \"Content\": \"CVE ID : CVE-2025-21731 \nPublished : Feb. 27, 2025, 2:15 a.m. | 50\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnbd: don't allow reconnect after disconnect  \n  \nFollowing process can cause nbd_config UAF:  \n  \n1) grab nbd_config temporarily;  \n  \n2) nbd_genl_disconnect() flush all recv_work() and release the  \ninitial reference:  \n  \n  nbd_genl_disconnect  \n   nbd_disconnect_and_put  \n    nbd_disconnect  \n     flush_workqueue(nbd->recv_workq)  \n    if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))  \n     nbd_config_put  \n     -> due to step 1), reference is still not zero  \n  \n3) nbd_genl_reconfigure() queue recv_work() again;  \n  \n  nbd_genl_reconfigure  \n   config = nbd_get_config_unlocked(nbd)  \n   if (!config)  \n   -> succeed  \n   if (!test_bit(NBD_RT_BOUND, ...))  \n   -> succeed  \n   nbd_reconnect_socket  \n    queue_work(nbd->recv_workq, &args->work)  \n  \n4) step 1) release the reference;  \n  \n5) Finally, recv_work() will trigger UAF:  \n  \n  recv_work  \n   nbd_config_put(nbd)  \n   -> nbd_config is freed  \n   atomic_dec(&config->recv_threads)  \n   -> UAF  \n  \nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), 
so  \nthat nbd_genl_reconfigure() will fail. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T04:30:18.000000Z"}, {"uuid": "47b7360e-e801-43b5-a006-cba0eaf07ca7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21730", "type": "seen", "source": "https://t.me/cvedetector/18976", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21730 - \"Realtek WiFi rtw89: List Add Corruption Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-21730 \nPublished : Feb. 27, 2025, 2:15 a.m. | 50\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nwifi: rtw89: avoid to init mgnt_entry list twice when WoWLAN failed  \n  \nIf WoWLAN failed in resume flow, the rtw89_ops_add_interface() triggered  \nwithout removing the interface first. Then the mgnt_entry list init again,  \ncausing the list_empty() check in rtw89_chanctx_ops_assign_vif()  \nuseless, and list_add_tail() again. Therefore, we have added a check to  \nprevent double adding of the list.  \n  \nrtw89_8852ce 0000:01:00.0: failed to check wow status disabled  \nrtw89_8852ce 0000:01:00.0: wow: failed to check disable fw ready  \nrtw89_8852ce 0000:01:00.0: wow: failed to swap to normal fw  \nrtw89_8852ce 0000:01:00.0: failed to disable wow  \nrtw89_8852ce 0000:01:00.0: failed to resume for wow -110  \nrtw89_8852ce 0000:01:00.0: MAC has already powered on  \ni2c_hid_acpi i2c-ILTK0001:00: PM: acpi_subsys_resume+0x0/0x60 returned 0 after 284705 usecs  \nlist_add corruption. prev->next should be next (ffff9d9719d82228), but was ffff9d9719f96030. (prev=ffff9d9719f96030).  
\n------------[ cut here ]------------  \nkernel BUG at lib/list_debug.c:34!  \ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI  \nCPU: 2 PID: 6918 Comm: kworker/u8:19 Tainted: G     U     O  \nHardware name: Google Anraggar/Anraggar, BIOS Google_Anraggar.15217.514.0 03/25/2024  \nWorkqueue: events_unbound async_run_entry_fn  \nRIP: 0010:__list_add_valid_or_report+0x9f/0xb0  \nCode: e8 56 89 ff ff 0f 0b 48 c7 c7 3e fc e0 96 48 89 c6 e8 45 89 ff ...  \nRSP: 0018:ffffa51b42bbbaf0 EFLAGS: 00010246  \nRAX: 0000000000000075 RBX: ffff9d9719d82ab0 RCX: 13acb86e047a4400  \nRDX: 3fffffffffffffff RSI: 0000000000000000 RDI: 00000000ffffdfff  \nRBP: ffffa51b42bbbb28 R08: ffffffff9768e250 R09: 0000000000001fff  \nR10: ffffffff9765e250 R11: 0000000000005ffd R12: ffff9d9719f95c40  \nR13: ffff9d9719f95be8 R14: ffff9d97081bfd78 R15: ffff9d9719d82060  \nFS:  0000000000000000(0000) GS:ffff9d9a6fb00000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007e7d029a4060 CR3: 0000000345e38000 CR4: 0000000000750ee0  \nPKRU: 55555554  \nCall Trace:  \n   \n ? __die_body+0x68/0xb0  \n ? die+0xaa/0xd0  \n ? do_trap+0x9f/0x170  \n ? __list_add_valid_or_report+0x9f/0xb0  \n ? __list_add_valid_or_report+0x9f/0xb0  \n ? handle_invalid_op+0x69/0x90  \n ? __list_add_valid_or_report+0x9f/0xb0  \n ? exc_invalid_op+0x3c/0x50  \n ? asm_exc_invalid_op+0x16/0x20  \n ? __list_add_valid_or_report+0x9f/0xb0  \n rtw89_chanctx_ops_assign_vif+0x1f9/0x210 [rtw89_core cbb375c44bf28564ce479002bff66617a25d9ac1]  \n ? __mutex_unlock_slowpath+0xa0/0xf0  \n rtw89_ops_assign_vif_chanctx+0x4b/0x90 [rtw89_core cbb375c44bf28564ce479002bff66617a25d9ac1]  \n drv_assign_vif_chanctx+0xa7/0x1f0 [mac80211 6efaad16237edaaea0868b132d4f93ecf918a8b6]  \n ieee80211_reconfig+0x9cb/0x17b0 [mac80211 6efaad16237edaaea0868b132d4f93ecf918a8b6]  \n ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed]  \n ? dev_printk_emit+0x51/0x70  \n ? 
_dev_info+0x6e/0x90  \n wiphy_resume+0x89/0x180 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed]  \n ? __pfx_wiphy_resume+0x10/0x10 [cfg80211 572d03acaaa933fe38251be7fce3b3675284b8ed]  \n dpm_run_callback+0x37/0x1e0  \n device_resume+0x26d/0x4b0  \n ? __pfx_dpm_watchdog_handler+0x10/0x10  \n async_resume+0x1d/0x30  \n async_run_entry_fn+0x29/0xd0  \n worker_thread+0x397/0x970  \n kthread+0xed/0x110  \n ? __pfx_worker_thread+0x10/0x10  \n ? __pfx_kthread+0x10/0x10  \n ret_from_fork+0x38/0x50  \n ? __pfx_kthread+0x10/0x10  \n ret_from_fork_asm+0x1b/0x30 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T04:30:09.000000Z"}, {"uuid": "6b965652-fb50-438c-8200-20d48505fd55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21731", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5636", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21731\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don't allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n  nbd_genl_disconnect\n   nbd_disconnect_and_put\n    nbd_disconnect\n     flush_workqueue(nbd->recv_workq)\n    if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n     nbd_config_put\n     -> due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n  nbd_genl_reconfigure\n   config = nbd_get_config_unlocked(nbd)\n   if (!config)\n   
-> succeed\n   if (!test_bit(NBD_RT_BOUND, ...))\n   -> succeed\n   nbd_reconnect_socket\n    queue_work(nbd->recv_workq, &args->work)\n\n4) step 1) release the reference;\n\n5) Finally, recv_work() will trigger UAF:\n\n  recv_work\n   nbd_config_put(nbd)\n   -> nbd_config is freed\n   atomic_dec(&config->recv_threads)\n   -> UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.\n\ud83d\udccf Published: 2025-02-27T02:07:35.927Z\n\ud83d\udccf Modified: 2025-02-27T02:07:35.927Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/e7343fa33751cb07c1c56b666bf37cfca357130e\n2. https://git.kernel.org/stable/c/d208d2c52b652913b5eefc8ca434b0d6b757f68f\n3. https://git.kernel.org/stable/c/a8ee6ecde2b7bfb58c8a3afe8a9d2b848f580739\n4. https://git.kernel.org/stable/c/9793bd5ae4bdbdb2dde401a3cab94a6bfd05e302\n5. https://git.kernel.org/stable/c/844b8cdc681612ff24df62cdefddeab5772fadf1", "creation_timestamp": "2025-02-27T02:25:18.000000Z"}, {"uuid": "60306fbc-bb8f-4102-b722-3cf9333cc1cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2173", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7116", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2173\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbi_strndup_iconv_ucs2 of the file src/conv.c. The manipulation of the argument src_length leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. 
The patch is identified as 8def647eea27f7fd7ad33ff79c2d6d3e39948dce. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.\n\ud83d\udccf Published: 2025-03-11T06:31:05.166Z\n\ud83d\udccf Modified: 2025-03-11T06:31:05.166Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299202\n2. https://vuldb.com/?ctiid.299202\n3. https://vuldb.com/?submit.512798\n4. https://github.com/zapping-vbi/zvbi/security/advisories/GHSA-g7cg-7gw9-v8cf\n5. https://github.com/zapping-vbi/zvbi/commit/8def647eea27f7fd7ad33ff79c2d6d3e39948dce\n6. https://github.com/zapping-vbi/zvbi/releases/tag/v0.2.44", "creation_timestamp": "2025-03-11T07:39:47.000000Z"}, {"uuid": "8fa7dc55-7a5b-4e5f-a036-fc329ac5ff0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21739", "type": "published-proof-of-concept", "source": "Telegram/kKw8zW0pz3sZ2pItWC8JTvyfEV66W8p-mtpEhhBk19Vaagc", "content": "", "creation_timestamp": "2026-04-18T11:15:29.000000Z"}, {"uuid": "a4c3cefe-7ae4-4a2d-b529-016a28f7612e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21735", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}]}