PT-2025-28510 · Microsoft · Input Method Editor +1

Name of the Vulnerable Software and Affected Versions: Microsoft Input Method Editor IME affected versions not specified Description: The issue is related to a race condition due to improper synchronization when using a shared resource, allowing an authorized attacker to elevate privileges over a...

PT-2025-28623

Name of the Vulnerable Software and Affected Versions: Microsoft Teams affected versions not specified Description: The issue is related to concurrent execution using a shared resource with improper synchronization, also known as a 'race condition', in Microsoft Teams. This allows an authorized...

RHEL 8 : rsync (RHSA-2025:10541)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10541 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...

The vulnerabilities in the components cdev.c, debugfs.c, device.c, idxd.h, init.c, and irq.c of the Linux operating system’s kernel allow a hacker to cause a service failure.

The vulnerability in the components cdev.c, debugfs.c, device.c, idxd.h, init.c, and irq.c of the Linux operating system is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. A privilege bypass...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. A privilege bypass...

The vulnerability in the fs/exec.c component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the fs/exec.c component in the Linux operating system’s kernel is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the drivers/net/ethernet/mellanox/mlx5 kernel component of the Linux operating system, which allows a hacker to cause a service failure.

The vulnerability of the drivers/net/ethernet/mellanox/mlx5 kernel component of the Linux operating system is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability in the fs/f2fs/file.c component of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability in the fs/f2fs/file.c component of the Linux operating system is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2025-27897

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A use-after-free issue has been identified in the Linux kernel, specifically in the binderfs evict inode function. This issue can be triggered by running a stress-ng workload with...

The vulnerability of the FreeScout support service management system, related to synchronization errors when using shared resources, allows a hacker to trigger a service failure.

The vulnerability of the FreeScout support service management system is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to cause a service failure...

CVE-2025-38154

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...

UBUNTU-CVE-2025-38154

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...

CVE-2025-38154 bpf, sockmap: Avoid using sk_socket after free when sending

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...

CVE-2025-38154 bpf, sockmap: Avoid using sk_socket after free when sending

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...

CVE-2025-38114 e1000: Move cancel_work_sync to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancelworksync to avoid deadlock Previously, e1000down called cancelworksync for the e1000 reset task via e1000downandstop, which takes RTNL. As reported by users and syzbot, a deadlock is possible in the following...

CVE-2025-38114

CVE-2025-38114 : In the Linux kernel, a deadlock could occur in the e1000 path due to e1000_down calling cancel_work_sync for the e1000_reset_task while RTNL is held. The fix moves cancel_work_sync to happen when the device is being removed (not during normal down), and makes e1000_reset_task a n...

The vulnerability of the drivers/scsi/lpfc component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the drivers/scsi/lpfc component in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability in the driver/nvme/host/tcp.c component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/nvme/host/tcp.c component of the Linux kernel lies in the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...

Vulnerability of components such as drivers, GPU, DRM, AMD, and display cores in the Linux operating system, which allows a hacker to trigger a service failure.

The vulnerability of components such as drivers, GPU, DRM, AMD, and display cores in the Linux operating system is related to synchronization errors. Exploiting this vulnerability can allow an attacker to cause service failures...