
3907 matches found

SUSE CVE
added 2025/09/18 11:27 p.m., 1 views

SUSE CVE-2025-9076

Mattermost versions 10.10.x <= 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

CVSS 6.5, AI score 6.7, EPSS 0.00242
Exploits: 0, References: 2

NVD
added 2025/09/18 10:15 p.m., 5 views

CVE-2025-59220

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally...

CVSS 7, EPSS 0.00234
Exploits: 0, References: 1

OSV
added 2025/09/18 10:15 p.m., 1 views

CVE-2025-59216

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

CVSS 7, AI score 5.9, EPSS 0.00234
Exploits: 0, References: 1

Positive Technologies
added 2025/09/18 12:0 a.m., 2 views

PT-2025-38438

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability exists in the Linux kernel related to a potential NULL-pointer dereference within the rcu_print_task_exp_stall function when built with CONFIG_PREEMPT_RCU=y. This occurs...

AI score 6.1, EPSS 0.00145
Exploits: 0, References: 7

CNNVD
added 2025/09/18 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly disabling the DMA use flag in the fsl_lpuart driver, which could lead to a synchronization...

CVSS 5.5, AI score 5.8, EPSS 0.00146
Exploits: 0, References: 7

CNNVD
added 2025/09/18 12:0 a.m., 2 views

Microsoft Windows Bluetooth Service resource management error vulnerability

Microsoft Windows Bluetooth Service is a Bluetooth driver from Microsoft Corporation, USA. A resource management error vulnerability exists in Microsoft Windows Bluetooth Service that stems from a contention condition due to improper synchronization of shared resources, which can be...

CVSS 7, AI score 6, EPSS 0.00234
Exploits: 0, References: 2

Positive Technologies
added 2025/09/18 12:0 a.m., 1 views

PT-2025-40640

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contained use-after-free bugs within the otx2_sync_tstamp function in the octeontx2-pf module. The original code used cancel_delayed_work, which did not guarantee...

CVSS 7.8, AI score 7.3, EPSS 0.00135
Exploits: 0

CVE
added 2025/09/17 2:56 p.m., 20 views

CVE-2022-50374

CVE-2022-50374 affects the Linux kernel Bluetooth stack (hci_ldisc/hci_serdev). The issue is a missing handling of percpu_init_rwsem() failure, leading to a NULL pointer dereference in hci_uart_tty_close() because rcu_sync_enter() can be called without rcu_sync_init() after hci_uart_tty_open() ig...

CVSS 5.5, AI score 6.2, EPSS 0.00191
Exploits: 0, References: 5, Affected Software: 1

RedhatCVE
added 2025/09/17 10:48 a.m., 14 views

CVE-2025-9076

Mattermost versions 10.10.x <= 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

CVSS 6.5, AI score 6.7, EPSS 0.00242
Exploits: 0, References: 1

OSV
added 2025/09/16 5:15 p.m., 2 views

DEBIAN-CVE-2022-50339

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev() syzbot is again reporting attempt to cancel uninitialized work at mgmt_index_removed() [1], for setting of HCI_MGMT flag from mgmt_init_hdev() from hci_mgmt_cmd() from hci_sock_sendmsg() can rac...

CVSS 7, AI score 6.1, EPSS 0.00098
Exploits: 0, References: 1

Vulnrichment
added 2025/09/16 4:11 p.m., 1 views

CVE-2023-53319 KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm Currently there is no synchronisation between finalize_pkvm and kvm_arm_init initcalls. The finalize_pkvm proceeds happily even if kvm_arm_init fails resulting in the...

AI score 6.1, EPSS 0.00128
Exploits: 0, References: 2

Cvelist
added 2025/09/16 4:11 p.m., 7 views

CVE-2023-53319 KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm Currently there is no synchronisation between finalize_pkvm and kvm_arm_init initcalls. The finalize_pkvm proceeds happily even if kvm_arm_init fails resulting in the...

EPSS 0.00128
Exploits: 0, References: 2

OSV
added 2025/09/16 4:11 p.m., 2 views

CVE-2022-50339 Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev() syzbot is again reporting attempt to cancel uninitialized work at mgmt_index_removed() [1], for setting of HCI_MGMT flag from mgmt_init_hdev() from hci_mgmt_cmd() from hci_sock_sendmsg() can rac...

CVSS 7, AI score 5.8, EPSS 0.00098
Exploits: 0, References: 5

Positive Technologies
added 2025/09/16 12:0 a.m., 3 views

PT-2025-38266

Name of the Vulnerable Software and Affected Versions: Suricata versions 7.0.11 and below; Suricata version 8.0.0. Description: Suricata, a network IDS, IPS and NSM engine, experiences a detection bypass when receiving crafted traffic containing multiple SYN packets with differing sequence numbers...

CVSS 7.8, AI score 6.5, EPSS 0.00339
Exploits: 0, References: 20

CNNVD
added 2025/09/16 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of devlink locking, which could lead to locking conflicts during synchronization resets...

CVSS 5.5, AI score 5.9, EPSS 0.00107
Exploits: 0, References: 5

NVD
added 2025/09/15 3:15 p.m., 3 views

CVE-2023-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync hci_update_accept_list_sync iterates over hdev->pend_le_conns and hdev->pend_le_reports, and waits for controller events in the loop body, without holding hdev lock...

CVSS 7.8, EPSS 0.00137
Exploits: 0, References: 3

NVD
added 2025/09/15 3:15 p.m., 3 views

CVE-2022-50305

In the Linux kernel, the following vulnerability has been resolved: ASoC: sof_es8336: fix possible use-after-free in sof_es8336_remove() sof_es8336_remove() calls cancel_delayed_work(). However, that function does not wait until the work function finishes. This means that the callback function may still be...

CVSS 7.8, EPSS 0.00147
Exploits: 0, References: 3

OSV
added 2025/09/15 3:15 p.m., 1 views

UBUNTU-CVE-2023-53219

In the Linux kernel, the following vulnerability has been resolved: media: netup_unidvb: fix use-after-free at del_timer() When Universal DVB card is detaching, netup_unidvb_dma_fini() uses del_timer() to stop dma->timeout timer. But when timer handler netup_unidvb_dma_timeout() is running, del_timer() could not stop...

CVSS 7.8, AI score 5.9, EPSS 0.00149
Exploits: 0, References: 11

CVE
added 2025/09/15 2:48 p.m., 24 views

CVE-2022-50317

CVE-2022-50317 affects the Linux kernel, specifically the DRM bridge driver for Megachips (stdp2690 and stdp4028). The issue is a null-pointer dereference that occurs when removing the module because the two bridges are not probed concurrently, causing ge_b850v3_register() not to be called for in...

CVSS 5.5, AI score 6, EPSS 0.00146
Exploits: 0, References: 8, Affected Software: 1

Cvelist
added 2025/09/15 2:21 p.m., 9 views

CVE-2023-53204 af_unix: Fix data-races around user->unix_inflight.

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data-races around user->unix_inflight. user->unix_inflight is changed under spin_lock(unix_gc_lock), but too_many_unix_fds() reads it locklessly. Let's annotate the write/read accesses to user->unix_inflight. BUG: KCSAN: data-race in...

EPSS 0.0011
Exploits: 0, References: 8