Multiple Google Android Vulnerabilities

April 18, 2025

Linux Kernel Vulnerability Allows Privilege Escalation – PoC Now Available

April 18, 2025

Multiple GitLab Products Vulnerabilities

April 18, 2025

Severity

Medium

Analysis Summary

CVE-2025-2867 CVSS:4.4

GitLab could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in AI-assisted development features.

CVE-2024-10307 CVSS:4.3

GitLab is vulnerable to a denial of service, caused by uncontrolled CPU consumption when viewing the associated merge request.

Impact

Code Execution
Denial of Service

Indicators of Compromise

CVE

CVE-2025-2867
CVE-2024-10307

Affected Vendors

GitLab

Affected Products

GitLab - 17.9
GitLab - 17.8.5
GitLab - 17.9.2
GitLab - 17.10

Remediation

Upgrade to the latest version of GitLab, available from the GitLab Website.

CVE-2025-2867

CVE-2024-10307

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Local Privilege Escalation to Root via Sudo chroot in Linux

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Google Android Vulnerabilities

Linux Kernel Vulnerability Allows Privilege Escalation – PoC Now Available

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation