CVE-2025-40140

In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netifwakequeue in rtl8150setmulticast syzbot reported WARNING in rtl8150startxmit/usbsubmiturb. This is the sequence of events that leads to the warning: rtl8150startxmit netifstopqueue;...

CVE-2025-40140

The CVE-2025-40140 issue affects the Linux kernel USB Realtek RTL8150 ethernet driver. The root cause is a race in rtl8150_set_multicast where netif_stop_queue() is followed by netif_wake_queue(), waking the TX queue before the URB completes and enabling a potential double submission in rtl8150_s...

CVE-2025-60723

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows DirectX allows an authorized attacker to deny service over a network...

CVE-2025-59508

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...

CVE-2025-62215

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kernel allows an authorized attacker to elevate privileges locally...

EUVD-2025-93397

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kernel allows an authorized attacker to elevate privileges locally...

EUVD-2025-93425

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally...

CVE-2025-59507

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...

EUVD-2025-93450

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...

kernel: acpi: typec: ucsi: Introduce a ->poll_cci method

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

kernel: acpi: typec: ucsi: Introduce a ->poll_cci method

In the Linux kernel, the following vulnerability has been resolved: acpi: typec: ucsi: Introduce a -pollcci method For the ACPI backend of UCSI the UCSI "registers" are just a memory copy of the register values in an opregion. The ACPI implementation in the BIOS ensures that the opregion contents...

kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

Windows Kernel Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Kernel allows an authorized attacker to elevate privileges locally...

PT-2025-46484

Name of the Vulnerable Software and Affected Versions Windows DirectX affected versions not specified Description A race condition exists in Windows DirectX due to concurrent execution using a shared resource with improper synchronization. This allows an authorized attacker to cause a denial of...

PT-2025-46456

Name of the Vulnerable Software and Affected Versions Windows DirectX affected versions not specified Description A race condition exists in Windows DirectX due to concurrent execution using a shared resource with improper synchronization. This allows an authorized attacker to elevate privileges...

ALSA-2025:20095 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: exfat: fix out-of-bounds access of directory entries CVE-2024-53147 kernel: zra...

Microsoft Windows Bluetooth Service Resource Management Error Vulnerability

Microsoft Windows Bluetooth Service is a Bluetooth driver from Microsoft Microsoft Corporation, USA. A resource management error vulnerability exists in Microsoft Windows Bluetooth Service that stems from a contention condition due to improper synchronization of shared resources, which can be...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990459)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990459 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: tty: serial: Fix deadlock in sa1100settermios There is a deadlock in sa1100settermios,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989405 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdtstartup This module's remove path calls deltimer...