Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle the deactivation of DBCs when the owner leaves. When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host via the QAICCONTROL MHI channel. QAIC handles this by calling...

PT-2026-40164

Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description A race condition occurs in the Windows Ancillary Function Driver for WinSock due to improper synchronization when using a shared resource. This allows an...

PT-2026-40146

Name of the Vulnerable Software and Affected Versions Windows Win32K - GRFX affected versions not specified Description A race condition occurs in Windows Win32K - GRFX due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges locally t...

Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU NBD Server. This vulnerability allows for a Denial-of-Service DoS attack through improper synchronization during socket closure, where a client keeps a socket open while the server is offline...

Incorrect Synchronization

Overview fschat is an An open platform for training, serving, and evaluating large language model based chatbots. Affected versions of this package are vulnerable to Incorrect Synchronization in the form of synchronous invocation of the apigenerate and generategate functions in the Worker API. An...

CVE-2026-27927

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Projected File System allows an authorized attacker to elevate privileges locally...

SUSE-SU-2026:1330-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap bsc1260922. - CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom bsc1260923. - CVE-2026-34001: XSYNC Use-after-free in miSyncTriggerFence bsc1260924. - CVE-2026-34002: XKB...

ROS-20260403-73-0024

A vulnerability in the hvnetvsc component of the Linux operating system kernel is related to a lack of synchronization. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVE-2026-24296

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Device Association Service allows an authorized attacker to elevate privileges locally...

RHEL 9 : kernel (RHSA-2026:3692)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3692 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: mpi3mr: Synchronous access b/w...

ROS-20260304-73-0003

A vulnerability in the etsqdiscchange function of the netsched component of the Linux kernel is related to simultaneous execution using a shared resource with incorrect synchronization. Exploitation of the vulnerability allows an attacker to cause a denial of service...

CVE-2026-25959 FreeRDP has heap-use-after-free in xf_cliprdr_provide_data_

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition in which maps from multiple components may be accessed without synchronization. When under heavy concurrent activity, either spontaneous or attacker-generated, the process can be caused to panic and crash with fatal error...

FreeRDP 资源管理错误漏洞

FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from the use of ainputsendinputevent to cache channelcallback in local variables, which...

ROS-20260120-73-0004

A vulnerability in the ipcmsgsendrequest function of the fs/smb/server/transportipc.c module of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004062)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004062 advisory. A flaw was found in Linux Kernel because access to the global variable fgconsole is not properly synchronized leading to a use after free in confontop. Tenable has...

kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg

A flaw was found in the Linux kernel's SCTP implementation. This vulnerability allows a use-after-free read via a race condition during SCTP message sending...

PT-2026-8201

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A use-after-free issue exists in the iscsit dec session usage count function within the SCSI target iSCSI component of the Linux kernel. The function calls complete while holding the...

PT-2025-52989

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc6-btrfs-next-134+ Description The Linux kernel contains a flaw in the btrfs file system related to race conditions when deleting quota roots from the dirty cow roots list. Specifically, when disabling...

CVE-2025-68287

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking dwc3removerequests, leading to premature...