PT-2026-40167

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

PT-2026-40161

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...

GHSA-MC29-HMX6-856Q Ella Core has handover failures during concurrent Security Mode Command

Summary Ella Core didn't enforce security rules on concurrent running of security procedures defined in TS 33.501 §6.9.5.1 — it could send a NAS Security Mode Command while an N2 handover was still pending and vice versa. Impact Concurrent Security Mode Command and N2 handover produce a KgNB...

Ella Core has handover failures during concurrent Security Mode Command

Summary Ella Core didn't enforce security rules on concurrent running of security procedures defined in TS 33.501 §6.9.5.1 — it could send a NAS Security Mode Command while an N2 handover was still pending and vice versa. Impact Concurrent Security Mode Command and N2 handover produce a KgNB...

SUSE CVE-2026-43418

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017507 advisory. curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPTSSLCIPHERLIST when libcurl is built to use...

PT-2026-39668

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.10.0 Description Ella Core fails to enforce security rules regarding the concurrent execution of security procedures. Specifically, the system may send a NAS Security Mode Command while an N2 handover is still...

Operationalizing Cybersecurity Governance for Mitigation Planning with Attack-Path Modeling and Reinforcement Learning

We address a fundamental challenge in cybersecurity operations of translating governance frameworks into actionable mitigation decisions under realistic resource constraints. Frameworks such as the NIST Cybersecurity Framework CSF provide widely adopted measures of organizational maturity, but do...

CVE-2026-43418

A flaw was found in the Linux kernel's sched/mmcid component. When new tasks are created concurrently, a race condition can occur where a task is accounted as a Memory Management Context ID MMCID user before it is fully registered in the system's task lists. This can lead to an incorrect allocati...

Missing Synchronization

Overview Affected versions of this package are vulnerable to Missing Synchronization through unsynchronized access to the Subscriptions map in the PUT /nbsf-management/v1/subscriptions/subId handler. An attacker can cause the process to terminate unexpectedly by sending concurrent authenticated P...

GHSA-27PH-8Q4F-H7M7 free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions

Summary free5GC's BSF PUT /nbsf-management/v1/subscriptions/subId handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RLock via BSFContext.GetSubscriptionsubId, but if the subscription does not exist, ReplaceIndividualSubcription writes back ...

free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions

Summary free5GC's BSF PUT /nbsf-management/v1/subscriptions/subId handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RLock via BSFContext.GetSubscriptionsubId, but if the subscription does not exist, ReplaceIndividualSubcription writes back ...

CVE-2026-43319

A flaw was found in the Linux kernel's spidev driver. A local user, by performing concurrent write and ioctl operations on the same spidev file descriptor from separate threads, could trigger a lock inversion. This issue can lead to a deadlock, resulting in a Denial of Service DoS for the affecte...

EUVD-2026-28724

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...

CVE-2026-43418

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...

UBUNTU-CVE-2026-43418

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...

CVE-2026-43418 sched/mmcid: Prevent CID stalls due to concurrent forks

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...

CVE-2026-43418

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ceph asynchronous unlink operation reducing the inlink counter prematurely before it is...

PT-2026-39079

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists during concurrent fork operations where a newly forked task is accounted as an MMCID user before it becomes visible in the process thread list and the global task...