19 matches found
CVE-2026-31642
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
CVE-2026-31642 rxrpc: Fix call removal to use RCU safe deletion
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
CVE-2026-23169 mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race in mptcppmnlflushaddrsdoit syzbot and Eulgyu Kim reported crashes in mptcppmnlgetlocalid and/or mptcppmnlisbackup Root cause is listspliceinit in mptcppmnlflushaddrsdoit which is not RCU ready. listspliceinitrcu c...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992646)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992646 advisory. In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvifflushhash During the listforeachentryrcu iteration call of...
CVE-2025-40168
CVE-2025-40168 : In the Linux kernel, smc_clc_prfx_match() was using sk_dst_get(sk)->dev, which could trigger a use-after-free since smc_listen_work() is not under RCU/RTNL. The fix switches to __sk_dst_get() and dst_dev_rcu() to safely obtain the device. Note: the function’s return value is n...
EUVD-2025-2613
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-21823
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Drop unmanaged ELP metric worker The ELP worker needs to calculate new metric values for all neighbors "reachable" over an interface. Some of the used metric sources require locks which might need to sleep. This sleep...
CVE-2025-21664
In the Linux kernel, the following vulnerability has been resolved: dm thin: make getfirstthin use rcu-safe list first function The documentation in rculist.h explains the absence of listemptyrcu and cautions programmers against relying on a listempty - listfirst sequence in RCU safe code. This i...
CVE-2025-21664
In the Linux kernel, the following vulnerability has been resolved: dm thin: make getfirstthin use rcu-safe list first function The documentation in rculist.h explains the absence of listemptyrcu and cautions programmers against relying on a listempty - listfirst sequence in RCU safe code. This i...
CVE-2025-21664
CVE-2025-21664 affects the Linux kernel’s device-mapper thin provisioning path (dm-thin). The issue arises from get_first_thin using a sequence of RCU-safe list operations (list_empty_rcu() followed by list_first()) that perform separate READ_ONCE()s of the list head, which can yield inconsistent...
CVE-2025-21664 dm thin: make get_first_thin use rcu-safe list first function
In the Linux kernel, the following vulnerability has been resolved: dm thin: make getfirstthin use rcu-safe list first function The documentation in rculist.h explains the absence of listemptyrcu and cautions programmers against relying on a listempty - listfirst sequence in RCU safe code. This i...
CVE-2025-21664
In the Linux kernel, the following vulnerability has been resolved: dm thin: make getfirstthin use rcu-safe list first function The documentation in rculist.h explains the absence of listemptyrcu and cautions programmers against relying on a listempty - listfirst sequence in RCU safe code. This i...
SUSE CVE-2022-48785
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...
DEBIAN-CVE-2022-48785
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...
CVE-2022-48785
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...
UBUNTU-CVE-2022-48785
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...
CVE-2022-48785 ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...
CVE-2022-48785 ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...
DEBIAN-CVE-2024-27020
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix potential data-race in nftexprtypeget nftunregisterexpr can concurrent with nftexprtypeget, and there is not any protection when iterate over nftablesexpressions list in nftexprtypeget. Therefore, there i...