CVE-2025-68240 nilfs2: avoid having an active sc_timer before freeing sci

In the Linux kernel, the following vulnerability has been resolved: nilfs2: avoid having an active sctimer before freeing sci Because kthreadstop did not stop sctask properly and returned -EINTR, the sctimer was not properly closed, ultimately causing the problem 1 reported by syzbot when freeing...

CVE-2025-68240 nilfs2: avoid having an active sc_timer before freeing sci

In the Linux kernel, the following vulnerability has been resolved: nilfs2: avoid having an active sctimer before freeing sci Because kthreadstop did not stop sctask properly and returned -EINTR, the sctimer was not properly closed, ultimately causing the problem 1 reported by syzbot when freeing...

CVE-2025-68214

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

AZL-72475 CVE-2025-68214 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

UBUNTU-CVE-2025-68214

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

CVE-2025-68214

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

CVE-2025-68214

Summary (CVE-2025-68214): The Linux kernel timer subsystem had a race between timer_shutdown_sync() and timer_expire() that could trigger a WARN_ON_ONCE when a timer’s function pointer was cleared to NULL while the timer was still running. The root cause: timer_shutdown_sync() could detach the ti...

CVE-2025-68214

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

CVE-2025-68214 timers: Fix NULL function pointer race in timer_shutdown_sync()

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

CVE-2025-68214 timers: Fix NULL function pointer race in timer_shutdown_sync()

In the Linux kernel, the following vulnerability has been resolved: timers: Fix NULL function pointer race in timershutdownsync There is a race condition between timershutdownsync and timer expiration that can lead to hitting a WARNON in expiretimers. The issue occurs when timershutdownsync clear...

PT-2025-51653

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the nilfs2 filesystem related to the handling of timers during segment constructor destruction. Specifically, the sc timer might remain active...

PT-2025-51627

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the timer subsystem, specifically in the timer shutdown sync function, potentially leading to a kernel warning. This occurs when the timer function pointer...

PT-2025-51660

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential memory leak exists in the do timer create function related to POSIX timers. Specifically, when a timer ID is allocated and subsequent access to a user space value fails, the...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7935-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7935-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nilfs2 not properly disabling sctimer, which could result in the release of the active timer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a competing condition between timershutdownsync and timer expiration, which could result in WARNON being trigger...

USN-7935-1: Linux kernel (Azure) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

CVE-2025-14655

A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing a manipulation of the argument rebootTime results in stack-based buffer overflow. The attack is possibl...

CVE-2025-40257

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-;addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusi...

CVE-2025-14655

A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing a manipulation of the argument rebootTime results in stack-based buffer overflow. The attack is possibl...