715 matches found
CVE-2025-21933 arm: pgtable: fix NULL pointer dereference issue
In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: fix NULL pointer dereference issue When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which will cause a NULL pointer dereference issue in adjustpte: Unable to handle kernel NULL pointe...
CVE-2022-49742
In the Linux kernel, the following vulnerability has been resolved: f2fs: initialize locks earlier in f2fsfillsuper syzbot is reporting lockdep warning at f2fshandleerror 1, for spinlock&sbi-errorlock is called before spinlockinit is called. For safe locking in error handling, move initialization...
CVE-2025-21876
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix suspicious RCU usage Commit "iommu/vt-d: Allocate DMAR fault interrupts locally" moved the call to enabledrhdfaulthandling to a code path that does not hold any lock while traversing the drhd list. Fix it by...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ptdma driver's use of mutex locks in interrupt contexts...
Directory Traversal
Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Directory Traversal in the LockManager.releaselocks function. An attacker can delete arbitrary files on the filesystem by passing an absolute path to the target file ...
CVE-2024-8769
CVE-2024-8769 affects aimhubio/aim where the LockManager.release_locks function concatenates a user-controlled run_hash into a path, enabling relative path traversal that can delete arbitrary files. The flaw is exposed through Repo._close_run() via the tracking server instruction API, potentially...
Aim 安全漏洞
Aim is an easy-to-use and high-performance open source experiment tracker from Aim Open Source USA. A security vulnerability exists in the bb76afe version of Aim, which stems from the LockManager.releaselocks function not normalizing user-controllable parameters, which could lead to arbitrary fil...
Linux 6.4 VMA Use-After-Free / Race Condition
Linux 6.4 suffers from a use-after-free condition when per-VMA locks introduce a race between page fault and MREMAPDONTUNMAP...
Linux LSM POSIX Lock Use-After-Free
An LSM can prevent the fcntl/close race cleanup path in fcntlsetlk from working, leading to use-after-free read in lockgetstatus when reading /proc/locks...
CVE-2025-21827 Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usbdriverclaiminterface The documentation for usbdriverclaiminterface says that "the device lock" is needed when the function is called from places other than probe. This appears to be th...
CVE-2025-21827
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usbdriverclaiminterface The documentation for usbdriverclaiminterface says that "the device lock" is needed when the function is called from places other than probe. This appears to be th...
Linux Distros Unpatched Vulnerability : CVE-2024-41012
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - filelock: Remove locks reliably when fcntl/close race is detected When fcntlsetlk races with close, it removes the created lock with dolockfilewait. However, LS...
Linux Distros Unpatched Vulnerability : CVE-2022-49316
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout...
SUSE CVE-2025-21809
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpcpeer objects. The address list is freed under RCU and at this time, it puts the refs on those peers...
CVE-2025-21809
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpcpeer objects. The address list is freed under RCU and at this time, it puts the refs on those peers...
DEBIAN-CVE-2025-21767
In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migratedisable to avoid calling getrandomu32 in atomic context The following bug report happened with a PREEMPTRT kernel: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:48...
SUSE CVE-2022-49159
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Implement ref count for SRB The timeout handler and the done function are racing. When qla2x00asynciocbtimeout starts to run it can be preempted by the normal response path via the firmware?. qla24xxasyncgpscspdone...
SUSE CVE-2022-49316
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Don't hold the layoutget locks across multiple RPC calls When doing layoutget as part of the open compound, we have to be careful to release the layout locks before we can call any further RPC calls, such as setattr. The...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of uninitialized mutex locks, resulting in debugging warnings...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling peer hash locks and RCU callbacks, which could lead to a deadlock...