66 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcievent: fix potential UAF in SSP passkey handlers hciconn lookup and field access must be covered by hdev lock in hciuserpasskeynotifyevt and...
CVE-2026-44608
NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met multi-threaded, RPZ XFR reload, RPZ zone with 'rpz-nsip'/'rpz-nsdname' triggers it could result in heap use-after-free and eventual crash. An adversary can...
PT-2026-42135
Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions 1.14.0 through 1.25.0 Description A locking inconsistency occurs when specific conditions are met: the system is multi-threaded, an RPZ Response Policy Zone XFR Zone Transfer reload is performed, and an RPZ zone...
CVE-2026-43455
A flaw was found in the Linux kernel's Message Control Transport Protocol MCTP module. A race condition exists in the mctpflowprepareoutput function where a lock is not properly held during a critical check-and-set operation. This can lead to multiple device references being acquired without prop...
EUVD-2026-28624
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix locking in rxrpc's sendmsg Fix three bugs in the rxrpc's sendmsg implementation: 1 rxrpcnewclientcall should release the socket lock when returning an error from rxrpcgetcallslot. 2 rxrpcwaitfortxwindowintr will return...
Astra Linux - уязвимость в linux-5.10, linux-5.15
A race condition was detected in the Linux kernel’s RxRPC network protocol, during the processing of RxRPC bundles. This issue arises due to the lack of proper locking when performing operations on an object. This could allow an attacker to escalate privileges and execute arbitrary code within th...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: nvmet-tcp: fixed incorrect locking in the statechange sk callback We are not changing anything in the TCP connection state, so we should not use a writelock but rather a read lock. This caused a deadlock when running nvmet-tcp...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed the issue of locking in the ieee80211startap error path. We need to hold the local-mtx to release the channel context; this is even encoded in the lockdepassertheld function. Fix this issue...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In l2capchanput of l2capcore, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2026-43018
A flaw was found in the Linux kernel's Bluetooth component. This Use-After-Free UAF vulnerability arises from insufficient locking during hciconn lookup and access within the hcileremoteconnparamreqevt function. An attacker could potentially exploit this to cause a system crash or execute arbitra...
EUVD-2026-18637
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...
CVE-2026-23420
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...
CVE-2026-23420
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...
CVE-2026-23420 wifi: wlcore: Fix a locking bug
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...
CVE-2026-23420
CVE-2026-23420 affects the Linux kernel wlcore Wi‑Fi driver. The issue is a locking-order bug where wl->mutex could be unlocked without being held, as identified by a Clang thread-safety analyzer. This is associated with potential synchronization instability; patches exist in Rootio‑Linux pack...
PT-2026-30034
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...
ROS-20260120-7310
A vulnerability in the opteesuppthrdreq function drivers/tee/optee/supp.c of the Linux operating system kernel is related to incorrect locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002645 advisory. sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a deni...