78 matches found
CVE-2026-53197
A flaw was found in the iptfs module of the Linux kernel. This issue, an ABBA deadlock, occurs when iptfsdestroystate attempts to cancel a timer while holding a spinlock that the timer's callback also tries to acquire. This circular dependency can cause the system to become unresponsive, leading ...
EUVD-2026-39288
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks trying to cancel each other can also occur when using bpfmapupdateelem. More precisely, freeing elements containing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: Cancel the running BPF timer through kworker for PREEMPTRT During the update process, when overwriting an element in a pre-allocated htab, the freeing of oldelement is protected by the bucket lock. The reason why the bucket...
EUVD-2026-34129
In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...
CVE-2026-46267 nfc: hci: shdlc: Stop timers and work before freeing context
In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...
PT-2026-46030
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF condition exists in the Linux kernel's NFC HCI SHDLC implementation. The function llc shdlc deinit purges SHDLC skb queues and frees the llc shdlc structure while...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - dm integrity: Fixed a UAF Use-after-Free in dmintegritydtr. - dmintegrity also has the same UAF problem when dmresume and dmdestroy are executed concurrently. Therefore, the timer is cancelled again in dmintegritydtr...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - dm cache: Fixed UAF in the destroy function. - Dmcache also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in the destroy function...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013363)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013363 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010803)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010803 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...
CVE-2026-23014 perf: Ensure swevent hrtimer is properly destroyed
In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...
SUSE CVE-2026-22997
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22997
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
UBUNTU-CVE-2026-22997
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22997
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22997
The CVE-2026-22997 issue affects the Linux kernel CAN/J1939 subsystem. The root cause is that j1939_session_deactivate_activate_next() is only invoked in j1939_tp_rxtimer() when the timer is enabled, allowing a refcount leak if the timer is cancelled without calling the function. This can lead to...
EUVD-2026-4637
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
Azure Linux 3.0 Security Update: kernel (CVE-2024-42239)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42239 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback ...