{"vulnerability": "cve-2025-2175", "sightings": [{"uuid": "4734a7b5-428f-4604-b8dd-4671e48a84e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114074598304957807", "content": "", "creation_timestamp": "2025-02-27T07:10:33.380948Z"}, {"uuid": "6dc96064-35d9-4aab-90a5-2b5385c1cd8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2175", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk3sxkz2ow24", "content": "", "creation_timestamp": "2025-03-11T10:05:39.498566Z"}, {"uuid": "cbe61bf4-4e43-42f6-a3f2-12583dc948cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/dasgeldco.bsky.social/post/3lpxwwu6hjx2p", "content": "", "creation_timestamp": "2025-05-25T05:37:21.356051Z"}, {"uuid": "69f845a8-d04e-402f-b6f3-7ac1622e8dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "35f99049-8e16-43d8-b183-e62f83ba784f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21758", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "c61ba8ab-c1de-4dfc-82f1-8a752fcc9400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lnw4yoojfu2o", "content": "", "creation_timestamp": "2025-04-29T01:30:08.087574Z"}, {"uuid": "f34550b6-b129-4cb9-8565-d1a1e7ab839e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-21756", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lnwb7l4dqc2n", "content": "", "creation_timestamp": "2025-04-29T02:45:29.276050Z"}, {"uuid": "7137bf40-f731-4877-889c-b7cae2520d2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lnwx27ayndf2", "content": "", "creation_timestamp": "2025-04-29T09:17:27.042453Z"}, {"uuid": "6dca4c9a-a6af-4538-a312-ba245e070d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lnx7kdoezc2m", "content": "", "creation_timestamp": "2025-04-29T11:48:24.969413Z"}, {"uuid": "94cb6498-0f9c-479a-af3c-a7f658efbae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lnxzzlohh52z", "content": "", "creation_timestamp": "2025-04-29T19:42:11.312164Z"}, {"uuid": "ab2340e6-b5a6-4984-9b2a-8d4e43f470fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lnz7itz4x52p", "content": "", "creation_timestamp": "2025-04-30T06:52:52.580242Z"}, {"uuid": "0b6a901c-a164-4057-ae79-f3cf39d6445c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/lobsters-feed.bsky.social/post/3lo2ip2utnm2b", "content": "", "creation_timestamp": "2025-04-30T19:10:03.557462Z"}, {"uuid": "6a74a72f-0006-478b-8891-c9f45571f379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/hn100.bsky.social/post/3lo2mti45ha2x", "content": "", "creation_timestamp": "2025-04-30T20:24:07.282175Z"}, {"uuid": "499c8aea-3e77-4fec-ac04-836a3c47c81a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/hnws.bsky.social/post/3lo2muc3sii2f", "content": "", "creation_timestamp": "2025-04-30T20:24:33.911770Z"}, {"uuid": "2aebb446-9acc-49b4-8396-57cdfd0180e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/hackernewsbot.bsky.social/post/3lo2npylvdk2x", "content": "", "creation_timestamp": "2025-04-30T20:40:04.400679Z"}, {"uuid": "bab17ae3-b795-4c27-9816-4cd3ce824a46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/hackernewstop5.bsky.social/post/3lo2nx4v7jj2c", "content": "", "creation_timestamp": "2025-04-30T20:44:03.876905Z"}, {"uuid": "6abae498-5087-40e8-b3c4-ef94ee42030f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/betterhn20.e-work.xyz/post/3lo2p2zdems23", "content": "", "creation_timestamp": "2025-04-30T21:04:07.489785Z"}, {"uuid": "77a3fca5-d72c-4c84-ad70-cb360cf75c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/hackernewsrobot.bsky.social/post/3lo2ry7rhbr25", "content": "", "creation_timestamp": "2025-04-30T21:56:14.904563Z"}, {"uuid": "93913e7f-830b-4d07-ab01-a01e85011be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/binitamshah.bsky.social/post/3lo4a72pqas2z", "content": "", "creation_timestamp": "2025-05-01T11:43:19.843032Z"}, {"uuid": "50f2c1de-f84e-4c33-bd69-a281ade2a646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lo4us7ehsa2o", "content": "", "creation_timestamp": "2025-05-01T17:51:53.393966Z"}, {"uuid": "c354c253-90ae-46c9-84ae-5c140c7f80bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lq7isdc43c2q", "content": "", "creation_timestamp": "2025-05-28T05:45:37.871491Z"}, {"uuid": "4f925ee6-140f-41e4-9f4a-9450c74f103c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lqkvohawnc2f", "content": "", "creation_timestamp": "2025-06-01T18:35:24.760476Z"}, {"uuid": "69a94814-c608-415b-9d40-10e5b3bae99d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/linkersec.bsky.social/post/3lonz5tit622k", "content": "", "creation_timestamp": "2025-05-08T13:25:16.408417Z"}, {"uuid": "c45c57de-56dd-46f3-9e1e-2a323c5248f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/linkersec.bsky.social/post/3lonz5uc5pk2k", "content": "", "creation_timestamp": "2025-05-08T13:25:16.905481Z"}, {"uuid": "46b56c69-6a82-4fd2-89bd-d0cc2678e14c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/linkersec.bsky.social/post/3lrtl4s46us2s", "content": "", "creation_timestamp": "2025-06-17T22:45:41.633116Z"}, {"uuid": "3233614a-52d3-4417-8df7-5c1ffe0e1f98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/linkersec.bsky.social/post/3lrtl4t2pgs2s", "content": "", "creation_timestamp": "2025-06-17T22:45:42.148729Z"}, {"uuid": "2a62a0e7-ed80-41a3-804a-0c1d148496c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21759", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lwbhky6biw2y", "content": "", "creation_timestamp": "2025-08-13T09:00:04.876672Z"}, {"uuid": "7f599693-19a3-4ae7-a892-0b1c8a3ef84e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3me5bzfpbmk24", "content": "", "creation_timestamp": "2026-02-05T21:02:54.851241Z"}, {"uuid": "89d7190c-0dfa-468a-b4fa-3d1a93b33579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21759", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "38c086bb-479a-4a92-83a7-bc0d1729678d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21750", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "734b776d-652b-43fc-b99e-ede1dcad07a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21752", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "05be2d7b-628b-4a50-a647-373fc80872d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21750", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "9e5f7007-fa0d-4915-9fe8-404a1a79cca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21759", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "cc536d16-f8c5-42ef-b66a-58f2ff4b67e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21758", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "1734b8a9-18fb-4892-8fbf-dc0289107620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21751", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "fbac3583-1889-4f24-83c4-5cca50545909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2175", "type": "seen", "source": "https://t.me/cvedetector/20036", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2175 - \"Libzvbi Integer Overflow Remote Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-2175 \nPublished : March 11, 2025, 7:15 a.m. | 46\u00a0minutes ago \nDescription : A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T09:15:41.000000Z"}, {"uuid": "7ab7d81e-0bab-4ce0-98ee-9a5450579db8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21751", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7122", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21751\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, change error flow on matcher disconnect\n\nCurrently, when firmware failure occurs during matcher disconnect flow,\nthe error flow of the function reconnects the matcher back and returns\nan error, which continues running the calling function and eventually\nfrees the matcher that is being disconnected.\nThis leads to a case where we have a freed matcher on the matchers list,\nwhich in turn leads to use-after-free and eventual crash.\n\nThis patch fixes that by not trying to reconnect the matcher back when\nsome FW command fails during disconnect.\n\nNote that we're dealing here with FW error. We can't overcome this\nproblem. This might lead to bad steering state (e.g. wrong connection\nbetween matchers), and will also lead to resource leakage, as it is\nthe case with any other error handling during resource destruction.\n\nHowever, the goal here is to allow the driver to continue and not crash\nthe machine with use-after-free error.\n\ud83d\udccf Published: 2025-02-27T02:12:22.177Z\n\ud83d\udccf Modified: 2025-03-11T09:54:19.913Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/23a86c76a1a197e8fbbbd0ce3e826eb58c471624\n2. https://git.kernel.org/stable/c/1ce840c7a659aa53a31ef49f0271b4fd0dc10296", "creation_timestamp": "2025-03-11T10:38:51.000000Z"}, {"uuid": "26cd52a3-3002-4e5b-ad7e-fb5fabf6a0e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2175", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7111", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2175\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in libzvbi up to 0.2.43. It has been rated as problematic. Affected by this issue is the function _vbi_strndup_iconv. The manipulation leads to integer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer was informed beforehand about the issues. She reacted very fast and highly professional.\n\ud83d\udccf Published: 2025-03-11T07:00:09.753Z\n\ud83d\udccf Modified: 2025-03-11T07:00:09.753Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299204\n2. https://vuldb.com/?ctiid.299204\n3. https://vuldb.com/?submit.512801\n4. https://github.com/zapping-vbi/zvbi/security/advisories/GHSA-g7cg-7gw9-v8cf\n5. https://github.com/zapping-vbi/zvbi/releases/tag/v0.2.44", "creation_timestamp": "2025-03-11T07:39:40.000000Z"}, {"uuid": "c5dc45e5-35d6-47e2-b7ef-40ea0a29662b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21757", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8584", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21757\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-27T02:18:12.006Z\n\ud83d\udccf Modified: 2025-03-25T01:09:11.303Z\n\ud83d\udd17 References:\nNo references available.", "creation_timestamp": "2025-03-25T02:23:22.000000Z"}, {"uuid": "3c04fe5a-20f7-408c-bdc7-780cd8cc258d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14317", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21756\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n    1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n    2. transport->release() calls vsock_remove_bound() without checking if\n       sk was bound and moved to bound list (refcnt=1)\n    3. vsock_bind() assumes sk is in unbound list and before\n       __vsock_insert_bound(vsock_bound_sockets()) calls\n       __vsock_remove_bound() which does:\n           list_del_init(&vsk->bound_table); // nop\n           sock_put(&vsk->sk);               // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\ud83d\udccf Published: 2025-02-27T02:18:11.547Z\n\ud83d\udccf Modified: 2025-05-01T14:33:51.673Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/e7754d564579a5db9c5c9f74228df5d6dd6f1173\n2. https://git.kernel.org/stable/c/e48fcb403c2d0e574c19683f09399ab4cf67809c\n3. https://git.kernel.org/stable/c/42b33381e5e1f2b967dc4fb4221ddb9aaf10d197\n4. https://git.kernel.org/stable/c/3f43540166128951cc1be7ab1ce6b7f05c670d8b\n5. https://git.kernel.org/stable/c/645ce25aa0e67895b11d89f27bb86c9d444c40f8\n6. https://git.kernel.org/stable/c/b1afd40321f1c243cffbcf40ea7ca41aca87fa5e\n7. https://git.kernel.org/stable/c/fcdd2242c0231032fc84e1404315c245ae56322a", "creation_timestamp": "2025-05-01T15:15:39.000000Z"}, {"uuid": "bef8c12d-81de-4004-973e-fe4631184864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33002", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aExploit for CVE-2025-21756 for Linux kernel 6.6.75. My first linux kernel exploit!\nURL\uff1ahttps://github.com/hoefler02/CVE-2025-21756\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-19T20:42:01.000000Z"}, {"uuid": "dfb01b5d-131e-4a1d-8ae6-0a7fd433d3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/42463", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aReproduce CVE-2022-32250 and CVE-2025-21756 by tampering with modprobe_path and hijacking control flow, respectively.\nURL\uff1ahttps://github.com/KuanKuanQAQ/cve-testing\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-30T06:53:06.000000Z"}, {"uuid": "3543aaa7-7fd1-4b2b-93f6-92806feccfff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/5282", "content": "\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0441\u043e\u043a\u0435\u0442\u043e\u0432 \u0441 \u0430\u0434\u0440\u0435\u0441\u0430\u0446\u0438\u0435\u0439 AF_VSOCK, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0433\u043e\u0441\u0442\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0438 \u0445\u043e\u0441\u0442\u043e\u0432. \u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 \u044f\u0434\u0440\u043e\u043c Linux 6.6.75 (\u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430).\n. . .\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u0447\u0442\u043e \u043f\u0440\u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u0430 \u0434\u043b\u044f \u0441\u043e\u043a\u0435\u0442\u0430 AF_VSOCK \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0432\u044b\u0437\u043e\u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 vsock_remove_sock, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u044e vsock_remove_bound, \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e \u0443\u043c\u0435\u043d\u044c\u0448\u0430\u044e\u0449\u0443\u044e \u0443\u0447\u0451\u0442\u0447\u0438\u043a \u0441\u0441\u044b\u043b\u043e\u043a \u043d\u0430 \u043e\u0431\u044a\u0435\u043a\u0442 vsock. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0441\u0447\u0451\u0442\u0447\u0438\u043a \u0441\u0441\u044b\u043b\u043e\u043a \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0440\u0430\u0432\u043d\u044b\u043c \u043d\u0443\u043b\u044e \u0438 \u044f\u0434\u0440\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0430\u0435\u0442 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043f\u043e\u0434 \u043e\u0431\u044a\u0435\u043a\u0442 \u043f\u0430\u043c\u044f\u0442\u044c, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 VSOCK\nhttps://www.opennet.ru/opennews/art.shtml?num=63165\n\n\u041e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\nCVE-2025-21756: Attack of the Vsock\nhttps://hoefler.dev/articles/vsock.html", "creation_timestamp": "2025-04-30T08:40:46.000000Z"}, {"uuid": "eafcf734-6e23-4652-bdd1-21593c7b2b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/1839", "content": "Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation \u2013 gbhackers.com\n\nTue, 29 Apr 2025 15:07:16", "creation_timestamp": "2025-04-29T08:03:53.000000Z"}, {"uuid": "12953fd3-8277-4595-85bb-6dcc96bb73cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/71", "content": "CVE-2025-21756 Linux kernel LPE\n\nUse-After-Free (UAF) vulnerability affecting the Linux kernel\u2019s vsock subsystem.\n\nBlog: https://hoefler.dev/articles/vsock.html", "creation_timestamp": "2025-04-29T07:12:42.000000Z"}, {"uuid": "98df735b-e380-4062-b9c8-c2dc30132938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/309", "content": "CVE-2025-21756: Attack of the Vsock\n\nMichael Hoefler published an article about exploiting an incorrect reference counter decrement causing a UAF in the vsock subsystem.\n\nWith advice from h0mbre, the researcher used brute force to bypass KASLR and hijacked the control flow for LPE.", "creation_timestamp": "2025-05-08T13:25:40.000000Z"}, {"uuid": "33d8ac98-ed8a-42e5-804f-ffd198681dea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/321", "content": "Exploiting the CVE-2025-21756 1-day vulnerability\n\nHyunwoo Kim and Wongi Lee posted a kernelCTF report about exploiting a UAF in the vsock subsystem of the Linux kernel.\n\nThe researchers leaked the kernel base address using the EntryBleed side-channel attack and then turned the UAF on the vsock_sock structure into a RIP control primitive to execute a ROP-chain.", "creation_timestamp": "2025-06-17T12:21:21.000000Z"}, {"uuid": "39469358-0bea-41dd-a205-3b7336f2142a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://t.me/CyberBulletin/10724", "content": "\u26a1\ufe0fCVE-2025-21756: Attack of the Vsock.\n\n#CyberBulletin", "creation_timestamp": "2025-05-02T02:43:03.000000Z"}, {"uuid": "70f3364d-8134-44e5-9d95-9d56a1262bf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/10699", "content": "\u26a1\ufe0fCVE-2025-21756: How a Tiny Linux Kernel Bug Led to a Full Root Exploit, PoC Releases.\n\n#CyberBulletin", "creation_timestamp": "2025-04-29T02:06:56.000000Z"}, {"uuid": "037a0a85-5966-4888-9ae8-ea8b58286708", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://t.me/proxy_bar/2621", "content": "CVE-2025-21756: Attack of the Vsock\n*\nLinux Kernel Exploitation\n*\nread\n*\nexploit", "creation_timestamp": "2025-05-23T13:04:24.000000Z"}, {"uuid": "727060a8-8e1c-409e-836b-42c59f874fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://t.me/CyberBulletin/3160", "content": "\u26a1\ufe0fCVE-2025-21756: Attack of the Vsock.\n\n#CyberBulletin", "creation_timestamp": "2025-05-02T04:43:03.000000Z"}, {"uuid": "f27546c1-9089-4f95-8896-25dbedf46aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/CyberBulletin/3136", "content": "\u26a1\ufe0fCVE-2025-21756: How a Tiny Linux Kernel Bug Led to a Full Root Exploit, PoC Releases.\n\n#CyberBulletin", "creation_timestamp": "2025-04-29T04:06:56.000000Z"}, {"uuid": "3c76a31f-39ac-4408-86fe-c7e8e2b233f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/12098", "content": "Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation \u2013 gbhackers.com\n\nTue, 29 Apr 2025 15:07:16", "creation_timestamp": "2025-04-29T10:03:53.000000Z"}, {"uuid": "1a3c0549-b270-408a-aa4e-1d3022b8ad2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/3718", "content": "Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation \u2013 gbhackers.com\n\nTue, 29 Apr 2025 15:07:16", "creation_timestamp": "2025-04-29T10:03:53.000000Z"}, {"uuid": "3a210293-7a48-4bb5-82b3-9c6465dfad7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "seen", "source": "https://t.me/TengkorakCyberCrewzz/30409", "content": "Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation \u2013 gbhackers.com\n\nTue, 29 Apr 2025 15:07:16", "creation_timestamp": "2025-04-29T10:03:53.000000Z"}, {"uuid": "992eb25e-a540-4c8f-9eaa-e115c2f1540e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "Telegram/pouWO7oHuMlxYwPs30aspnMqHr17AxXm3igkclxUsCqax5E", "content": "", "creation_timestamp": "2025-04-18T23:00:06.000000Z"}, {"uuid": "9652065d-6f4f-43a8-905a-3f3d885b2802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21756", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2598", "content": "\u0417\u0430\u0432\u0442\u0440\u0430\u043a\u0430\u0435\u043c \u0441 CVE-2025-21756\n*\nDetails\n*\nExploit  for linux kernel 6.6.75", "creation_timestamp": "2025-04-19T07:23:00.000000Z"}]}