UBUNTU-CVE-2025-38440

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race between DIM disable and netdim There's a race between disabling DIM and NAPI callbacks using the dim pointer on the RQ or SQ. If NAPI checks the DIM state bit and sees it still set, it assumes rq-dim or sq-dim...

CVE-2025-38440

CVE-2025-38440 : In the Linux kernel, a race between disabling DIM and net_dim() in mlx5e can cause a NULL pointer dereference of rq->dim/sq->dim. The fix calls synchronize_net() before freeing the DIM context to ensure in-flight NAPI callbacks complete before the pointer is cleared, preven...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the msm drm module failing to release a synchronization file in a commit error path, which could lead to a...

The vulnerability of the Secure Boot component in Espressif Systems’ ESP series microcontrollers allows a hacker to redirect the execution of commands to an arbitrary address.

The vulnerability of the Secure Boot v2 component in Espressif Systems’ microcontrollers is related to synchronization errors when using a common resource “Race Condition”. Exploiting this vulnerability could allow an attacker to redirect the execution of commands to an arbitrary address...

SMB Kerberos Not Working

The scan was configured to use Kerberos for Windows authentication, but Kerberos failed at least once for this host. There are many causes for Kerberos failure in a Windows environment. They include: Lack of time synchronization between the DC, scanner and target. DC or targets were not specified...

Jamming-Resistant AAV Communications: a Multichannel-Aided Approach

Jamming cancellation is essential to reliable unmanned autonomous vehicle AAV communications in the presence of malicious jammers. In this paper, we develop a practical multichannel-aided jamming cancellation method to realize secure AAV communications. The proposed method is capable of...

USN-7654-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system allows attackers to circumvent existing security restrictions.

The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

The vulnerability of the corporate platform Microsoft Teams, related to synchronization errors when using a shared resource, allows a perpetrator to increase their privileges.

The vulnerability of the corporate platform Microsoft Teams is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability in the virtual controller OHCI USB programming interface of Oracle VM VirtualBox allows a attacker to escalate their privileges and execute arbitrary code.

The vulnerability of the virtual controller OHCI USB programming interface in Oracle VM VirtualBox is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges and execute arbitrary code...

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of the BitLocker data protection function in Microsoft Windows operating systems is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

Vulnerability of Windows operating systems, related to synchronization errors when using shared resources, allows attackers to escalate their privileges.

The vulnerability of Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

SharePoint Sites May Not Be Displayed When Browsing Backups

Challenge When browsing backups or backup copies, SharePoint root sites and their subsites may not be visible. Cause If a backed-up SharePoint subsite is moved between repositories using the Move-VBOEntityData cmdlet, or removed from a repository using the Remove-VBOEntityData cmdlet, the metadat...

The vulnerability of the Input Method Editor (IME) component of Microsoft Windows, which allows a hacker to gain elevated privileges

The vulnerability of the Input Method Editor IME component in Microsoft Windows is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to gain increased privileges remotely...

The vulnerability of the Windows Hyper-V hardware virtualization system of Microsoft Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Windows Hyper-V hardware virtualization technology in Microsoft Windows operating systems is related to synchronization errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the Connected Devices Platform Service (CDPSvc) in Microsoft Windows operating systems allows a perpetrator to escalate their privileges.

The vulnerability of the Connected Devices Platform Service CDPSvc for Microsoft Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Windows QoS Scheduler Driver, which allows attackers to increase their privileges on Windows operating systems

The vulnerability of the Windows QoS Scheduler Driver affects operating systems with Windows, and it is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...

Huawei HarmonyOS and EMUI calendar storage module privilege bypass vulnerability (CNVD-2025-16594)

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. A privilege bypass...

Huawei HarmonyOS and EMUI calendar storage module privilege bypass vulnerability

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. A privilege bypass...

CVE-2025-52434

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 throug...