222 matches found
CVE-2026-43455 mctp: route: hold key->lock in mctp_flow_prepare_output()
In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...
CVE-2026-43455
In CVE-2026-43455, multiple sources confirm a race in the Linux kernel MCTP module: mctp_flow_prepare_output() checks key->dev and may call mctp_dev_set_key() without holding key->lock, while both mctp_dev_set_key() and mctp_dev_release_key() require the lock. This can allow concurrent path...
CVE-2026-43455
In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...
CVE-2026-43455 mctp: route: hold key->lock in mctp_flow_prepare_output()
In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...
CVE-2026-43375
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
CVE-2026-43375
CVE-2026-43375 concerns the Linux kernel in the MCTP path. A leak occurs during probe failures because the driver saves a reference to the USB device but fails to release it on error paths. The fix drops the redundant device reference to prevent memory leaks when the probe fails, simplifying driv...
CVE-2026-43375
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mctp i2c component. When midev-allowrx is set to false, the newly allocated skb packets are n...
PT-2026-39116
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the mctp flow prepare output function. The function checks key-dev and may call mctp dev set key without holding the key-lock, despite the latter being intende...
Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014352)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014352 advisory. In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem route.c:425:4: warning: Use ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCKRCUFREE The Bind lookup operation is executed under RCU; therefore, ensure that a socket does not disappear during the middle of a lookup operation...
Security update for the Linux Kernel
The SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1234863. CVE-2024-57891: schedext: Fix invalid irq restore in scxopsbypass...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:03634-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03634-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following securi...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708...
SUSE-SU-2025:03633-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. -...
EUVD-2025-9418
Malicious code in bioql PyPI...
EUVD-2022-15740
Malicious code in bioql PyPI...
EUVD-2025-12948
Malicious code in bioql PyPI...
EUVD-2023-44103
Malicious code in bioql PyPI...
EUVD-2025-27859
Malicious code in bioql PyPI...