PT-2025-14333 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, related to the HID corsair-void component. The corsair void process receiver function can be called from an interrupt context, and lockin...

AZL-58493 CVE-2025-21859 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

AZL-58572 CVE-2025-21859 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

DEBIAN-CVE-2025-21859

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

UBUNTU-CVE-2025-21859

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

CVE-2025-21859

CVE-2025-21859 affects the Linux kernel USB gadget f_midi path; a deadlock occurs when a lock is acquired twice in a re-entrant f_midi_transmit. The fix is to schedule the inner f_midi_transmit via a high-priority work queue using queue_work() from the completion handler. Patched commits are refe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to refresh the gadget work queue after device removal...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unbound work queue that causes delays in task execution...

Linux Distros Unpatched Vulnerability : CVE-2024-53064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix idpfvccoreinit error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases al...

Linux Distros Unpatched Vulnerability : CVE-2024-50025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flushwork initialization out of if block After commit 379a58caa199 scsi:...

Linux Distros Unpatched Vulnerability : CVE-2021-47163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tipc: wait and exit until all work queues are done On some host, a crash could be triggered...

UBUNTU-CVE-2025-21786

In the Linux kernel, the following vulnerability has been resolved: workqueue: Put the pwq after detaching the rescuer from the pool The commit 68f83057b913"workqueue: Reap workers via kthreadstop and remove detachcompletion" adds code to reap the normal workers but mistakenly does not handle the...

SUSE CVE-2022-49555

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling deltim...

UBUNTU-CVE-2022-49555

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling deltim...

UBUNTU-CVE-2022-49300

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between nbdallocconfig and module removal When nbd module is being removing, nbdallocconfig may be called concurrently by nbdgenlconnect, although trymoduleget will return false, but nbdallocconfig doesn't handle it...

CVE-2022-49371 driver core: fix deadlock in __device_attach

In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in deviceattach In deviceattach function, The lock holding logic is as follows: ... deviceattach devicelockdev // get lock dev asyncscheduledevdeviceattachasynchelper, dev; // func asyncschedulenode...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the error path in multi-packet WQE transmit. Removed the erroneous unmap if no DMA mapping was established. The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This may fail, for...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from the WQ linked list mlx5wqllpop. For SHAMPO, it is possible to receive CQEs with 0 consumed strides fo...

CVE-2021-35562

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access vi...

CVE-2020-14855

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Univers...