SUSE CVE-2026-46194

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from f2fsdropinode with ISYNC set, concurrent kworker writeback can insert n...

CVE-2026-46194

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from f2fsdropinode with ISYNC set, concurrent kworker writeback can insert n...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nodecnt competition between the destruction and write-back operations of extent nodes in f2fs...

CVE-2026-45910

The CVE-2026-45910 issue affects the Linux kernel RDMA/rxe driver, caused by a race between retransmit_timer() and rxe_destroy_qp that can drop a Queue Pair (QP) reference count to zero during timer handling. Public documents describe a use-after-free risk and refcount underflow in affected flows...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-Buffer: Sync-IRQ works before the buffer is destroyed. If something was written to the buffer just before its destruction, it may be possible—although not in a real system—to destroy the ringbuffer before the IRQ-related...

Linux Distros Unpatched Vulnerability : CVE-2026-31678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev...

CVE-2026-32942

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...

UBUNTU-CVE-2025-68261

In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...

EUVD-2023-60111

In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increase the refcount syzkaller found a race where IOMMUFDDESTROY increments the refcount: obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj;...

PT-2025-51674

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ext4 filesystem implementation. Specifically, a race condition exists between inline data destruction and block mapping within the ext4 destroy...

kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...

SUSE CVE-2022-49672

In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...

SUSE CVE-2021-29952

When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox 88.0.1 and Firefox for Android 88.1.3...

Google Chrome < M73 - Double-Destruction Race in StoragePartitionService Exploit

Google Chrome M73 - Double-Destruction Race in StoragePartitionService There's a race condition in the destruction of the BindingState for bindings to the StoragePartitionService. It looks like the root cause of the issue is that since we can get two concurrent calls to callbacks returned from...