CVE-2025-15391
published 2025-12-31CVE-2025-15391: A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation…
PriorityP271critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.69%
88.3th percentile
A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | dir-806a | — | — |
| dlink | dir-806a_firmware | — | — |
| linux | linux_kernel | >= 5.16.0 < 6.1.159 | 6.1.159 |
| linux | linux_kernel | >= 6.13.0 < 6.17.8 | 6.17.8 |
| linux | linux_kernel | >= 6.2.0 < 6.6.117 | 6.6.117 |
| linux | linux_kernel | >= 6.7.0 < 6.12.58 | 6.12.58 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.02.1LOWCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vendor_redhat5.5LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6f5x-35qc-g7mg: A weakness has been identified in D-Link DIR-806A 100CNb11
ghsa_unreviewed·2025-12-31
CVE-2025-15391 [MEDIUM] CWE-74 GHSA-6f5x-35qc-g7mg: A weakness has been identified in D-Link DIR-806A 100CNb11
A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. This vulnerability only affects products that are no longer supported by the maintainer.
OSV
x86/fpu: Ensure XFD state on signal delivery
osv·2025-12-16
CVE-2025-68171 x86/fpu: Ensure XFD state on signal delivery
x86/fpu: Ensure XFD state on signal delivery
In the Linux kernel, the following vulnerability has been resolved:
x86/fpu: Ensure XFD state on signal delivery
Sean reported [1] the following splat when running KVM tests:
WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70
Call Trace:
fpu__clear_user_states+0x9c/0x100
arch_do_signal_or_restart+0x142/0x210
exit_to_user_mode_loop+0x55/0x100
do_syscall_64+0x205/0x2c0
entry_SYSCALL_64_after_hwframe+0x4b/0x53
Chao further identified [2] a reproducible scenario involving signal
delivery: a non-AMX task is preempted by an AMX-enabled task which
modifies the XFD MSR.
When the non-AMX task resumes and reloads XSTATE with init values,
a warning is triggered due to a mismatch between fpstate::xfd and the
CPU's current XFD state. fpu__cl
Red Hat
kernel: x86/fpu: Ensure XFD state on signal delivery
vendor_redhat·2025-12-16·CVSS 5.5
CVE-2025-68171 [LOW] CWE-821 kernel: x86/fpu: Ensure XFD state on signal delivery
kernel: x86/fpu: Ensure XFD state on signal delivery
In the Linux kernel, the following vulnerability has been resolved:
x86/fpu: Ensure XFD state on signal delivery
Sean reported [1] the following splat when running KVM tests:
WARNING: CPU: 232 PID: 15391 at xfd_validate_state+0x65/0x70
Call Trace:
fpu__clear_user_states+0x9c/0x100
arch_do_signal_or_restart+0x142/0x210
exit_to_user_mode_loop+0x55/0x100
do_syscall_64+0x205/0x2c0
entry_SYSCALL_64_after_hwframe+0x4b/0x53
Chao further identified [2] a reproducible scenario involving signal
delivery: a non-AMX task is preempted by an AMX-enabled task which
modifies the XFD MSR.
When the non-AMX task resumes and reloads XSTATE with init values,
a warning is triggered due to a mismatch between fpstate::xfd and the
CPU's current XFD state. fpu_
No detection rules found.
No public exploits indexed.
2025-12-31
Published