3907 matches found
PT-2025-53197
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the hidp session thread function, potentially leading to a use-after-free issue. Specifically, the timer may remain active while hidp del timer is invoked...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of synchronization mechanisms that could lead to reuse after release...
CLSA-2025-1766502382 keylime: Fix of CVE-2025-13609
CVE-2025-13609: enforce TPM identity immutability for agent UUIDs in registrar, add shared memory for multiprocess synchronization...
ROS-20251223-7314
A vulnerability in the Snapshot/Restore commands of the AdminServer component of the centralized service for maintaining configuration information, naming, providing distributed synchronization, and provisioning Apache ZooKeeper group services is related to incorrect handling of insufficient...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a synchronization external abort, which could lead to a synchronization external abort error when unbinding...
Quest Coexistence Manager for Notes 安全漏洞
Quest Coexistence Manager for Notes is a data synchronization software from Quest USA. A security vulnerability exists in Quest Coexistence Manager for Notes, which stems from an inconsistent HTTP request/response interpretation that could lead to an HTTP request entrapment attack...
PT-2025-52252
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel related to the SCSI subsystem and the IMM Integrated Microcode Module parallel port SCSI host adapter. The problem occurs because a...
ROS-20251217-7307
A vulnerability in the Graphics component of Mozilla Firefox and Firefox ESR browsers is related to synchronization errors when using a shared resource "Race Situation". Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
EUVD-2025-203775
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...
CVE-2025-68305
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...
CVE-2025-68304
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: lookup hciconn on RX path on protocol side The hdev lock/lookup/unlock/use pattern in the packet RX path doesn't ensure hciconn is not concurrently modified/deleted. This locking appears to be leftover from...
CVE-2025-68287
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking dwc3removerequests, leading to premature...
UBUNTU-CVE-2025-68305
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...
CVE-2025-68240
The CVE-2025-68240 entry concerns the Linux kernel nilfs2 subsystem. The described vulnerability arose because a sc_timer could remain active when freeing sci, caused by kthread_stop not reliably stopping sc_task (returning -EINTR), leaving the timer improperly closed. The remediation uses timer_...
CVE-2025-68171
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported 1 the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfdvalidatestate+0x65/0x70 Call Trace: fpuclearuserstates+0x9c/0x100...
CVE-2025-68171
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported 1 the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfdvalidatestate+0x65/0x70 Call Trace: fpuclearuserstates+0x9c/0x100...
UBUNTU-CVE-2025-68207
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Synchronize Dead CT worker with unbind Cancel and wait for any Dead CT worker to complete before continuing with device unbinding. Else the worker will end up using resources freed by the undind operation. cherry pick...
UBUNTU-CVE-2025-68171
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported 1 the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfdvalidatestate+0x65/0x70 Call Trace: fpuclearuserstates+0x9c/0x100...
CVE-2025-68207 drm/xe/guc: Synchronize Dead CT worker with unbind
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Synchronize Dead CT worker with unbind Cancel and wait for any Dead CT worker to complete before continuing with device unbinding. Else the worker will end up using resources freed by the undind operation. cherry pick...
CVE-2025-68207 drm/xe/guc: Synchronize Dead CT worker with unbind
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Synchronize Dead CT worker with unbind Cancel and wait for any Dead CT worker to complete before continuing with device unbinding. Else the worker will end up using resources freed by the undind operation. cherry pick...