kernel: rxrpc: Fix a race between socket set up and I/O thread creation

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix a race between socket set up and I/O thread creation In rxrpcopensocket, it sets up the socket and then sets up the I/O thread that will handle it. This is a problem, however, as there's a gap between the two phases in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990570)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990570 advisory. In the Linux kernel, the following vulnerability has been resolved: m68k: Fix spinlock race in kernel thread creation Context switching does take care to retain the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989843)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989843 advisory. In the Linux kernel, the following vulnerability has been resolved: m68k: Fix spinlock race in kernel thread creation Context switching does take care to retain the...

AZL-68799 CVE-2025-40024 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: vhost: Take a reference on the task in struct vhosttask. vhosttaskcreate creates a task and keeps a reference to its taskstruct. That task may exit early via a signal and its taskstruct will be released. A pending vhosttaskwake...

EUVD-2010-1907

Malware in sbrugna...

EUVD-2025-3111

Malicious code in bioql PyPI...

defcon27_csharp_workshop

This repository contains a collection of C code snippets and labs for writing custom backdoor payloads, as part of a workshop presented at Defcon 27. The code covers various topics, including Windows API calls, memory allocation, thread creation, and encryption. The code snippets are organized in...

ROS-20250821-06

A vulnerability in the Perl programming language is related to the race condition if a directory descriptor is opened when the thread is created. Exploitation of the vulnerability could allow an attacker to interfere with the application's behavior...

CVE-2025-40909

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: m68k: Fixed the spinlock race in kernel thread creation. Context switching ensures that the correct lock owner is retained during the switch from the “prev” task to the “next” task. This relies on interrupts remaining disabled...

BIT-NODE-MIN-2025-23083

With the aid of the diagnosticschannel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage...

CVE-2024-49866 tracing/timerlat: Fix a race during cpuhp processing

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ODEBUG: init active active state 0 object:...

CVE-2024-49866 tracing/timerlat: Fix a race during cpuhp processing

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ODEBUG: init active active state 0 object:...

CVE-2024-49864 rxrpc: Fix a race between socket set up and I/O thread creation

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix a race between socket set up and I/O thread creation In rxrpcopensocket, it sets up the socket and then sets up the I/O thread that will handle it. This is a problem, however, as there's a gap between the two phases in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between socket setup and I/O thread creation in the rxrpcopensocket function, which could...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2024:2790-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2790-1 advisory. Update to Mozilla Thunderbird 115.13 MFSA 2024-31, bsc1226316: Security fixes: - CVE-2024-6600:...

Mozilla: Memory corruption in thread creation

The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Mozilla: Memory corruption in thread creation

The Mozilla Foundation Security Advisory describes this flaw as: In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...