2575 matches found
EUVD-2026-24994
install -D: symlink race in directory creation allows arbitrary file overwrite...
kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...
kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...
kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop
A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...
kernel: mptcp: fix slab-use-after-free in __inet_lookup_established
A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...
CVE-2026-10653
The CVE-2026-10653 issue affects the Zephyr net_buf library (lib/net_buf/buf.c). It relies on non-atomic operations for two reference counters: the per-header buf->ref and the per-data-block ref_count. Under true concurrency, two independent unrefs can observe the same prior value and both tre...
CVE-2026-53303
A flaw was found in the Linux kernel's f2fs filesystem. This vulnerability allows for potential out-of-bounds memory access or the display of stale data. It occurs because the extensionlist and related counts are read without proper synchronization, enabling a concurrent system file system sysfs...
Critical Photon OS Security Update - PHSA-2026-5.0-0909
Updates of 'rubygem-concurrent-ruby' packages of Photon OS have been released...
Linux Distros Unpatched Vulnerability : CVE-2026-52952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu: Fix WARNON in iommugroupsetdomainnofail due to reset In iommugroupsetdomaininternal, concurrent domain attachments are rejected when any device in the...
[SECURITY] Fedora 44 Update: docker-buildkit-0.31.0-1.fc44
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
[SECURITY] Fedora 43 Update: docker-buildkit-0.31.0-1.fc43
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
CVE-2026-54905
A flaw was found in concurrent-ruby. The Concurrent::ReentrantReadWriteLock component can incorrectly grant a write lock to a thread while other threads still hold or can acquire read locks. This occurs when a thread acquires a read lock 32,768 times, causing an internal counter to incorrectly...
DEBIAN-CVE-2026-53303
In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...
UBUNTU-CVE-2026-53303
In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...
CVE-2026-53303
Technical details for CVE-2026-53303 are not publicly provided in the supplied documents; monitoring for updates is advised.
CVE-2026-53207
A flaw was found in the Linux kernel's memory management, specifically concerning huge pages. When two concurrent memory poisoning operations madviseMADVHWPOISON occur on the same huge page while it is also being unmapped, a recursive spinlock self-deadlock can be triggered. This can lead to a...
SUSE CVE-2026-53250
In the Linux kernel, the following vulnerability has been resolved: xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable by userspace. In xskskbmetadata, csumstart and csumoffset are read...
SUSE CVE-2026-53269
In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...
PT-2026-52942
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the f2fs module, the f2fs sbi show function reads extension list, extension count, and hot ext count without holding the sb lock. If a concurrent sysfs store operation modifies the...
EUVD-2026-38392
Filament: Multi-factor authentication app recovery codes can still be used multiple times via concurrent submission...