CVE-2025-52434

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 throug...

CVE-2025-47999

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network...

CVE-2025-49665

Concurrent execution using shared resource with improper synchronization 'race condition' in Workspace Broker allows an authorized attacker to elevate privileges locally...

PT-2025-29046

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc7 Description: A flaw was discovered in the Linux kernel related to the MPLS Multiprotocol Label Switching implementation. Specifically, the mpls route input rcu function could be called from within an...

CVE-2025-38250

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

AZL-64847 CVE-2025-38250 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

DEBIAN-CVE-2025-38250

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

AZL-70495 CVE-2025-38250 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

UBUNTU-CVE-2025-38250

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

CVE-2025-38250

In CVE-2025-38250, the Linux kernel Bluetooth vhci_flush() path is affected by a use-after-free when a thread closes a vhci fd while another thread uses the device. The issue stems from a missing synchronization after unlinking hdev from hci_dev_list in hci_unregister_dev(), allowing another thre...

CVE-2025-38250 Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

CVE-2025-38250 Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

Vulnerability of the shmemFetchNotification() function in the drivers/firmware/arm_scmi/common.h module – a driver for supporting Linux kernel patches, which allows an attacker to trigger a service failure

Vulnerability of the shmemFetchNotification function in the drivers/firmware/armscmi/common.h module – The driver for handling Linux kernel patches is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vulnerability of the drm_mode_page_flip_ioctls function in the drivers/gpu/drm/drm_plane.c module – A driver for supporting Direct Rendering Infrastructure (DRI) in the Linux operating system, which allows a hacker to trigger a service failure.

Vulnerability of the drmmodepageflipioctls function in the drivers/gpu/drm/drmplane.c module – The Linux kernel’s Direct Rendering Infrastructure DRI driver has vulnerabilities related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to...

SUSE CVE-2025-38181

In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipsoreqset,delattr. syzkaller reported a null-ptr-deref in sockomalloc while allocating a CALIPSO option. 0 The NULL is of struct sock, which was fetched by sktofullsk in calipsoreqsetattr. Since...

CVE-2025-47999

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network...

Workspace Broker Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Workspace Broker allows an authorized attacker to elevate privileges locally...

CVE-2025-38237

In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimcishwchangemode In fimcishwchangemode, the function changes camera modes without waiting for hardware completion, risking corrupted data or system hangs if subsequent...

CVE-2025-38237 media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode()

In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimcishwchangemode In fimcishwchangemode, the function changes camera modes without waiting for hardware completion, risking corrupted data or system hangs if subsequent...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not waiting for hardware synchronization to complete, which could result in data corruption or system hangs...