CVE-2025-69233

Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limits configured for their accounts/domains. This can be used by an attacker to degrade the...

USN-8370-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

SUSE-SU-2026:2216-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-49979: net: fix refcount bug in skpsockget bsc1245109. - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2026-23239: espintcp: Fix race condition...

SUSE-SU-2026:2111-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-47103: inet: fully convert sk-skrxdst to RCU rules bsc1221010. - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent...

CVE-2026-45849

A flaw was found in the Linux kernel's network component, specifically within the mscc: ocelot driver. The system failed to properly secure access to shared resources during network packet injection, leading to a missing lock protection vulnerability. This oversight could allow a local attacker t...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with the pkvminitvcpu function in KVM arm64. These issues involve pin leakage and ordering...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient kill delay during the rmdir operation in cgroups, potentially leading to race...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of READONCE to read the struct ublskrvctrlcmd, potentially leading to race conditions...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions during the exit of functions damoswalk and kdamondfn, potentially leading to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the md/md-llbitmap to properly raise the barrier before state machine transitions,...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities existed in versions of Apple macOS Sequoia 15.7 and Tahoe 26, which stemmed from race conditions and could allow applications to obtain root access...

CVE-2026-7837 TOCTOU with root privilege in ad_flush

A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...

CVE-2026-7837

A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...

CVE-2026-7837

CVE-2026-7837 is a TOCTOU vulnerability in Netatalk 3.0.0 through 4.4.2 affecting the ad_flush function. The issue involves root-privileged file operations and could allow a remote attacker to cause limited data modification under specific race conditions. The NVD entry documents a Network attack...

PT-2026-42442

A time-of-check time-of-use TOCTOU condition in the ad flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote attacker to cause limited data modification under specific race conditions...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ppp: Fixed race conditions in pppfillforwardpath. pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and listfirstentry, as ppplock is not held. If the only channel is deleted in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Remove the “MHI autoqueue” feature for IPCR DL channels. The MHI stack provides the “autoqueue” feature, which allows the MHI stack to automatically queue buffers for the RX path DL channels. Although this feature...

Astra Linux - уязвимость в linux

A vulnerability was discovered in the Linux kernel before version 5.11.7. The function usbipsockfdstore in drivers/usb/usbip/stubdev.c allows attackers to cause a denial of service attack GPF. This vulnerability occurs due to race conditions during the update of the local and shared status,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021642 advisory. In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in...