1854 matches found
CLSA-2026-1779581056 qemu-kvm: Fix of CVE-2025-11234
CVE-2025-11234: fix use-after-free in QIOChannelWebsock handshake by tracking the handshake GSource id and removing it on close/finalize...
CVE-2026-45251 Kernel use-after-free via file descriptor syscalls
A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed while the thread remains blocked. In this situation, t...
FreeBSD : FreeBSD -- Kernel use-after-free via file descriptor syscalls (ee21f41f-54b5-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ee21f41f-54b5-11f1-8d7a-bc241121aa0a advisory. A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: serial: core: Fixed the issue where the transmit-buffer was not freed after closing the serial port. The commit 761ed4a94582 “tty: serialcore: changed uartclose to use ttyportclose” converted the serial core to use ttyportclos...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of servicetask and into open/close The fbnic driver was experiencing the following locking assertion when executing PM resume: 42.208116 T164 RTNL: assertion failed at drivers/net/phy/phylink.c 2611...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/core: The handling of buffer mapping fails correctly in perfmmap. After a buffer is successfully allocated or attached to an existing buffer, perfmmap attempts to map the buffer into the page table in read-only mode. If this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: Logs an error when closeallcacheddirs fails Under low-memory conditions, closeallcacheddirs cannot move the entries to a separate list to send them to dput once the locks are dropped. This will result in an “Dentry still in...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Use internal state to free traffic IRQs If the system attempts to close the netdev while iavfresettask is running, the LINKSTATESTART field will be cleared, and netifrunning will return false in iavfreinitinterruptscheme. A...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshakereqdestroytest1 Recently, the handshakereqdestroytest1 test started failing: The expected value of handshakereqdestroytest should be req, but the actual value is 0000000000000000. The correct value...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fixed invalid page access after closing deferred I/O devices. When a fbdev with deferred I/O is opened and closed, the dirty pages still remain in the pageref list. Eventually, those pages may be processed during the delay...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucvsockclose iucvseverpath is called from process context and from bh context. iucv-path is used as indicator whether somebody else is taking care of severing the path or it is already removed /...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: PTEs are reset when using close, especially for entries protected by wr. The userfaultfd unregistration process includes a step to remove the wr-protect bits from all relevant pgtable entries. However, this only...
Astra Linux – Vulnerability in Linux 5.10
There is a vulnerability related to time-of-check to time-of-use issues in the iouringsubsystem’s IORINGOPCLOSE operation in the Linux kernel versions 5.6 to 5.11 inclusive. This vulnerability allows a local user to elevate their privileges to root. Introduced in the version...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: tee, amdtee: fixed the use-after-free vulnerability in amdteeclosesession. There is a potential race condition in amdteeclosesession that may cause a use-after-free in amdteeopenSession. For example, if a session has a referen...
Astra Linux – Vulnerability in jackd2
In posix/JackSocket.cpp within the libjack library in JACK2 version 1.9.1 through 1.9.12 distributed with alsa-plugins 1.1.7 and later, there is an issue where “double file descriptor closes” occur during a failed connection attempt when jackd2 is not running. Successful exploitation depends on t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed potential OOPs in cifsoplockbreak With deferred close, there may be situations where closes occur simultaneously with lease breaks. Additionally, when checking whether to send the lease response, oplockresponse can...
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel before version 5.10. The file drivers/infiniband/core/ucma.c contains a use-after-free, as the context of the ctx variable is accessed through ctxlist in certain situations where ucmamigrateid is called, specifically when ucmaclose is invoked. This issue...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fixed a data race between perfeventsetoutput and perfmmapclose. Yang Jihing reported a race between perfeventsetoutput and perfmmapclose: CPU1 CPU2 perfmmapclosee2 if atomicdecandtest&e2-rb-mmapcount // 1 - 0 then...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fixed a memory leak in virtiocryptoalgskcipherclosesession The variable 'vcctrlreq' is allocated in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed double-release of the compute pasid. If kfdprocessdeviceinitvm returns an error after the vm is converted to a compute vm and vm-pasid is set to compute pasid, KFD will not take the pdd-drmfile reference. As a...