AZL-59094 CVE-2025-21693 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

AZL-58989 CVE-2025-21693 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

UBUNTU-CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

CVE-2025-21693 mm: zswap: properly synchronize freeing resources during CPU hotunplug

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

CVE-2025-21693 mm: zswap: properly synchronize freeing resources during CPU hotunplug

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

CVE-2025-21693

In the Linux kernel CVE-2025-21693, the zswap path could UAF resources if the original per-CPU acomp_ctx is still in use when a CPU hotplug occurs, because preemption/migration isn’t disabled during the operation. The defect affects mm/zswap: the code retrieves acomp_ctx on the current CPU at ope...

CVE-2025-21693 mm: zswap: properly synchronize freeing resources during CPU hotunplug

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from not properly synchronizing the release of resources during CPU hotplugging...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50041)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50041 advisory. - In the Linux kernel, the following vulnerability has been resolved: i40e: Fix macvlan leak by synchronizing...

CVE-2025-24371

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...

CVE-2022-1931

Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3...

CVE-2022-39219

Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization IRT of the affected installation...

CVE-2024-4154

In lunary-ai/lunary version 1.2.2, an incorrect synchronization vulnerability allows unprivileged users to rename projects they do not have access to. Specifically, an unprivileged user can send a PATCH request to the project's endpoint with a new name for a project, despite not having the...

The vulnerability of the mm/mremap.c module in Android operating systems allows attackers to increase their privileges.

The vulnerability of the mm/mremap.c module in Android operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to gain increased privileges...

GHSA-22QQ-3XWM-R5X4 CometBFT allows a malicious peer to make node stuck in blocksync

Name: ASA-2025-001: Malicious peer can disrupt node's ability to sync via blocksync Component: CometBFT OUTDATED Criticality: Medium Considerable Impact; Possible Likelihood per ACMv1.2 Update of Criticality on 2026-03-06: We've made a mistake and over-rated the criticality of this bug in our...

The vulnerability in the Firefox web browser and the Thunderbird email client arises from the simultaneous execution using a shared resource with incorrect synchronization, allowing an attacker to cause a service failure.

The vulnerability in the Firefox web browser and the Thunderbird email client is related to the simultaneous execution of processes using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the IBM Engineering Requirements Management DOORS software lies in synchronization errors when using a common resource (“Race Situation”), allowing a perpetrator to execute arbitrary code.

The vulnerability of the IBM Engineering Requirements Management DOORS software is related to synchronization errors when using a shared resource „Race Condition“. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2025-23216

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was discovered in Argo CD that exposed secret values in error messages and the diff view when an invalid Kubernetes Secret resource was synced from a repository. The vulnerability assumes the user has write...