CVE-2023-54120

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidpsessionthread There is a potential race condition in hidpsessionthread that may lead to use-after-free. For instance, the timer is active while hidpdeltimer is called in hidpsessionthread. Aft...

UBUNTU-CVE-2022-50744

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rxmonitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rxmonitor, a hard lockup similar to the call trace below may occur. The spinlockbh in...

CVE-2023-54120

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidpsessionthread There is a potential race condition in hidpsessionthread that may lead to use-after-free. For instance, the timer is active while hidpdeltimer is called in hidpsessionthread. Aft...

CVE-2023-54120

CVE-2023-54120 concerns a race condition in the Linux kernel Bluetooth HIDP subsystem, where the hidp_session_thread may delay timer deletion leading to a use-after-free if the session is freed during timer expiry. The described vulnerability manifests as a potential kernel panic when hidp_idle_t...

CVE-2023-54120 Bluetooth: Fix race condition in hidp_session_thread

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidpsessionthread There is a potential race condition in hidpsessionthread that may lead to use-after-free. For instance, the timer is active while hidpdeltimer is called in hidpsessionthread. Aft...

CVE-2022-50744 scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rxmonitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rxmonitor, a hard lockup similar to the call trace below may occur. The spinlockbh in...

CVE-2022-50697

In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...

CVE-2022-50697

In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...

UBUNTU-CVE-2022-50697

In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...

CVE-2022-50697 mrp: introduce active flags to prevent UAF when applicant uninit

In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...

CVE-2022-50697 mrp: introduce active flags to prevent UAF when applicant uninit

In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...

CVE-2022-50697

CVE-2022-50697 affects the Linux kernel and relates to a race in timer cancellation that could lead to a use-after-free (UAF). The issue stems from a lack of synchronization when del_timer_sync is involved, with a syzbot crash trace showing a KASAN use-after-free in hlist_add_head and enqueue_tim...

PT-2025-53197

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the hidp session thread function, potentially leading to a use-after-free issue. Specifically, the timer may remain active while hidp del timer is invoked...

PT-2025-52927

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5-syzkaller-00008-ge01d50cbd6ee Description The Linux kernel contains a use-after-free issue within the mrp Multiple Registration Protocol component. Specifically, a synchronization problem exists in the...

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

timers: Fix NULL function pointer race in timer_shutdown_sync()

...

SUSE CVE-2025-68214

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

SUSE CVE-2025-68240

In the Linux kernel, the following vulnerability has been resolved: nilfs2: avoid having an active sctimer before freeing sci Because kthreadstop did not stop sctask properly and returned -EINTR, the sctimer was not properly closed, ultimately causing the problem 1 reported by syzbot when freeing...

SUSE CVE-2025-68247

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Plug potential memory leak in dotimercreate When posix timer creation is set to allocate a given timer ID and the access to the user space value faults, the function terminates without freeing the already allocated...