Lucene search
K

2474 matches found

NVD
NVD
added 4 days ago5 views

CVE-2025-58151

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The...

9.4CVSS0.0012EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/27 1:51 a.m.11 views

CVE-2026-52975

A flaw was found in the Linux kernel's bonding 3ad module. This vulnerability is due to a data-race condition caused by improper Read-Copy-Update RCU implementation in the port-aggregator component. An attacker could potentially exploit this to cause system instability or unexpected behavior...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS0.00126EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52975

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at...

7.8CVSS6AI score0.00138EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38843

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

5.7AI score0.00138EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52975

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

7.8CVSS0.00138EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38930

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: fix missing locks in invalidating cache blocks In passthrough mode, the policy invalidatemapping operation is called simultaneously from multiple workers, thus it should be protected by a lock. Otherwise, we...

5.7AI score0.00125EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:28 p.m.1 views

CVE-2026-52975 bonding: 3ad: implement proper RCU rules for port->aggregator

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References9
CVE
CVE
added 2026/06/24 4:28 p.m.10 views

CVE-2026-52975

The CVE concerns the Linux kernel bonding 3ad module. A data-race was found in bond_3ad_get_active_agg_info / bond_3ad_state_machine_handler due to insufficient Read-Copy-Update (RCU) handling for port->aggregator. The fix adds the __rcu qualifier to port->aggregator and uses proper RCU API...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52975

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: Fixed the data-race warning and potential load/store tearing issues. Fixed the following issue: BUG: KCSAN: A data-race occurred in rxrpcpeerkeepaliveworker and rxrpcsenddatapacket. This issue relates to reads and write...

4.7CVSS5.9AI score0.00086EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ipv6: Annotated data-race in ndiscrouterdiscovery The syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This seems fine, as IFLAINET6RAMTU is a best-effort mechanism. Add...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Bonding: Annotate the data races around slave-lastrx. slave-lastrx and slave-targetlastarprx... can be read and written without locking. Add READONCE and WRITEONCE annotations. syzbot reported: BUG: KCSAN: Data race in...

4.7CVSS5.8AI score0.00086EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: l2tp: avoided a data race in l2tptunneldelwork We should only access sk-sksocket when dealing with kernel sockets. syzbot reported the following data race: BUG: KCSAN: data race in l2tptunneldelwork / skcommonrelease Task 5365...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: locking/spinlock/debug: Fixed a data race in dorawwritelock. KCSAN reports: BUG: KCSAN: Data race in dorawwritelock/dorawwritelock. The following operations were performed: Write 0xffff800009cf504c 4 bytes to memory by task 11...

6AI score0.0018EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: atm/fore200e: Fixed a possible data race in fore200eopen. Access to the field fore200e-availablecellrate is protected by the ratemtx lock in the error-handling code of fore200eopen to prevent a data race. The field...

6.5AI score0.00161EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: mISDN: Annotated data-race around dev-work dev-work can be read without locking in mISDNread and mISDNpoll. Add READONCE/WRITEONCE annotations. BUG: KCSAN: Data race in mISDNioctl/mISDNread Writing 0xffff88812d848280 4 bytes b...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51869

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the bonding 3ad implementation due to improper Read-Copy-Update RCU rules for the port-aggregator variable. This issue was identified in the bond 3ad get active agg...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References7
OSV
OSV
added 2026/06/23 12:59 p.m.10 views

JLSEC-2026-620 WebSocket reader data race in auto-PONG/CLOSE-echo handling in HTTP.jl

Description The WebSocket reader task processed incoming frames by calling wsonincomingdata! without holding ws.sendlock. That function is not a pure parser: its auto-PONG and CLOSE-echo paths push! onto the shared ws.codec.outgoingframes vector, while application send/ping/pong/close paths mutat...

5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: List: Fixed a data race around ep-rdllist. The eppoll function first calls epeventsavailable without holding a lock and checks if ep-rdllist is empty using listemptycareful, which reads from rdllist-prev. Therefore, all access...

4.7CVSS6.4AI score0.00169EPSS
Exploits0References1
Rows per page
Query Builder