DEBIAN-CVE-2025-40319

In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irqwork can be queued in bpfringbufcommit but the ring buffer is freed before the work executes. In the syzbot reproducer, a BPF program attached to schedswit...

CVE-2025-40319

In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irqwork can be queued in bpfringbufcommit but the ring buffer is freed before the work executes. In the syzbot reproducer, a BPF program attached to schedswit...

CVE-2025-40319

CVE-2025-40319 relates to the Linux kernel BPF ring buffer race where an irq_work could be queued by bpf_ringbuf_commit() and the buffer could be freed before the work executes. The fix ensures all pending irq_work complete before freeing the ring buffer by calling irq_work_sync(&rb->work). Im...

CVE-2025-40319 bpf: Sync pending IRQ work before freeing ring buffer

In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irqwork can be queued in bpfringbufcommit but the ring buffer is freed before the work executes. In the syzbot reproducer, a BPF program attached to schedswit...

CVE-2025-40318 Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix race in hcicmdsyncdequeueonce hcicmdsyncdequeueonce does lookup and then cancel the entry under two separate lock sections. Meanwhile, hcicmdsyncwork can also delete the same entry, leading to double listd...

CVE-2023-53759

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently...

PT-2025-49448

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists where an interrupt request IRQ work item can be queued in the bpf ringbuf commit function, but the ring buffer may be freed before the work item executes. This ca...

OESA-2025-2775 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the...

OESA-2025-2774 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the...

PT-2026-2513

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the USB PHY driver for Freescale fsl-usb within the Linux kernel. The vulnerability occurs due to a race condition during device removal where a delayed...

USN-7909-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...

[SECURITY] Fedora 43 Update: syncplay-1.7.4-6.fc43

Solution to synchronize video playback across multiple instances of mpv, VLC, MPC-HC and MPC-BE over the Internet. Syncplay synchronizes the position and play state of multiple media players so that the viewers can watch the same thing at the same time. This means that when one person...

[SECURITY] Fedora 41 Update: nextcloud-32.0.2-1.fc41

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

[SECURITY] Fedora 43 Update: nextcloud-32.0.2-1.fc43

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

RockyLinux 10 : kernel (RLSA-2025:20095)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20095 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: exfat: fix out-of-bounds access of...

ROS-20251202-07

A vulnerability in the Google Chrome browser's DevTools web development toolkit is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the sandbox...

CVE-2025-40213

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...

DEBIAN-CVE-2025-40212

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsdsetfhdentry nfsd exports a "pseudo root filesystem" which is used by NFSv4 to find the various exported filesystems using LOOKUP requests from a known root filehandle. NFSv3 uses the MOUNT protocol ...

[SECURITY] Fedora 43 Update: calibre-8.14.0-1.fc43

Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack overflow and double deletion in the setmeshsync and setmeshcomplete functions in Bluetooth MGMT, whi...