3901 matches found
EUVD-2023-60143
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning locklessly. Use READONCE there. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart syzbot reported: BUG:...
EUVD-2023-60170
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix UAF wear-leveling entry in eraseblkcountseqshow Wear-leveling entry could be freed in error path, which may be accessed again in eraseblkcountseqshow, for example: eraseworker eraseblkcountseqshow wl =...
CVE-2025-64658
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Shell allows an authorized attacker to elevate privileges locally...
EUVD-2025-202250
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
CVE-2025-40344
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...
CVE-2025-40344
CVE-2025-40344 is a Linux kernel vulnerability in the Intel ASoC (avs) driver. The issue arises from improper synchronization between the PCM shutdown path and the period-elapsed IRQ work, enabling a slab-use-after-free scenario when the DAI private context is freed during shutdown. The connected...
CVE-2023-53823 block/rq_qos: protect rq_qos apis with a new lock
In the Linux kernel, the following vulnerability has been resolved: block/rqqos: protect rqqos apis with a new lock commit 50e34d78815e "block: disable the elevator int delgendisk" move rqqosexit from diskrelease to delgendisk, this will introduce some problems: 1 If rqqosadd is triggered by...
SUSE CVE-2023-53759
In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently...
SUSE CVE-2025-40319
In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irqwork can be queued in bpfringbufcommit but the ring buffer is freed before the work executes. In the syzbot reproducer, a BPF program attached to schedswit...
CVE-2023-53795 iommufd: IOMMUFD_DESTROY should not increase the refcount
In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFDDESTROY should not increase the refcount syzkaller found a race where IOMMUFDDESTROY increments the refcount: obj = iommufdgetobjectucmd-ictx, cmd-id, IOMMUFDOBJANY; if ISERRobj return PTRERRobj;...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper management of the reference state of BPF synchronization callbacks, which could lead to resource...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference in a raid10 synchronization request...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from netlink's unsynchronized access to nlk-cbrunning, which could lead to data contention...
PT-2025-49715
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk-max recvmsg len syzbot reported a data-race in data-race in netlink recvmsg 1 Indeed, netlink recvmsg can be run concurrently, and netlink dump also needs protection. 1 BUG: KCSAN:...
PT-2025-50169
Name of the Vulnerable Software and Affected Versions Microsoft Brokering File System affected versions not specified Description A flaw exists in the Microsoft Brokering File System related to concurrent execution using a shared resource with improper synchronization, creating a race condition...
PT-2025-50196
Name of the Vulnerable Software and Affected Versions Windows Shell affected versions not specified Description A flaw exists in Windows Shell related to concurrent execution using a shared resource with improper synchronization, creating a race condition. This can allow a locally authenticated...
PT-2025-49624
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference leak exists in the of dra7 atl clk probe function within the ti dra7-atl clock driver. The pm runtime get sync function increments a power management usage counter, and a...
EUVD-2025-201626
In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irqwork can be queued in bpfringbufcommit but the ring buffer is freed before the work executes. In the syzbot reproducer, a BPF program attached to schedswit...
CVE-2023-53759 HID: hidraw: fix data race on device refcount
In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently...
CVE-2023-53759 HID: hidraw: fix data race on device refcount
In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently...