CVE-2022-50317

CVE-2022-50317 affects the Linux kernel, specifically the DRM bridge driver for Megachips (stdp2690 and stdp4028). The issue is a null-pointer dereference that occurs when removing the module because the two bridges are not probed concurrently, causing ge_b850v3_register() not to be called for in...

CVE-2023-53204 af_unix: Fix data-races around user->unix_inflight.

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under spinlockunixgclock, but toomanyunixfds reads it locklessly. Let's annotate the write/read accesses to user-unixinflight. BUG: KCSAN: data-race in...

CVE-2025-9076

Mattermost versions 10.10.x = 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

PT-2025-37674

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.1.0-20221027.rc2.git8.56bc5b569087.300.fc36.s390x+debug and earlier Description The Linux kernel contained a deadlock vulnerability within the net/smc module, triggered by cancel delayed work syn. The issue was identifi...

PT-2025-37660

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free issue within the netup unidvb driver when a Universal DVB card is detached. Specifically, the del timer function may not successfully stop th...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost 10.10.1 and prior versions 10.10.x that stems from user data not being properly cleaned during shared channel member synchronization, which could allow a...

PT-2025-37464

Name of the Vulnerable Software and Affected Versions Mattermost versions 10.10.x through 10.10.1 Description Mattermost Server instances with shared channels enabled are susceptible to an information disclosure issue. The software fails to properly sanitize user data during shared channel...

kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

Multi-Channel Secure Communication Framework for Wireless IoT (MCSC-WoT): Enhancing Security in Internet of Things

In modern smart systems, the convergence of the Internet of Things IoT and Wireless of Things WoT have been revolutionized by offering a broad level of wireless connectivity and communication among various devices. Hitherto, this greater interconnectivity poses important security problems,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle synchronization memory errors, which could result in a system reboot or a hard...

kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

CVE-2025-47997

Concurrent execution using shared resource with improper synchronization 'race condition' in SQL Server allows an authorized attacker to disclose information over a network...

Graphics Kernel Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Graphics Kernel allows an authorized attacker to execute code locally...

Windows Graphics Component Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to execute code locally...

PT-2025-36878

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A flaw exists in the Windows UI XAML Maps MapControlSettings component due to improper synchronization during concurrent execution using a shared resource, leading to a race condition. This...

PT-2025-36830

Name of the Vulnerable Software and Affected Versions: Microsoft Graphics Component affected versions not specified Description: A race condition exists due to concurrent execution using a shared resource with improper synchronization within the Microsoft Graphics Component. This allows an...

PT-2025-36856

Name of the Vulnerable Software and Affected Versions: Windows Connected Devices Platform Service affected versions not specified Description: The Windows Connected Devices Platform Service contains a race condition due to improper synchronization during concurrent execution using a shared...