120 matches found
CVE-2026-46267
In the Linux kernel NFC stack (nfc: hci: shdlc), llc_shdlc_deinit() frees the llc_shdlc context while SHDLC timers and state-machine work may still be active. Timer callbacks can schedule sm_work, which accesses SHDLC state and skb queues. If teardown runs concurrently with queued or running work...
EUVD-2026-34129
In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...
PT-2026-46030
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF condition exists in the Linux kernel's NFC HCI SHDLC implementation. The function llc shdlc deinit purges SHDLC skb queues and frees the llc shdlc structure while...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: Fixed a use-after-free vulnerability in the ssiProtocol Driver due to race conditions. In the ssiProtocolprobe function, &ssi-work is bound to ssipxmitwork. In ssippnsetup, the ssippnxmit function within the...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fixed a use-after-free vulnerability in switchtecntbremove due to a race condition. In the switchtecntbadd function, it is possible to call the switchtecntbinitsndev function. Then, &sndev-checklinkstatuswork...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under priv-statelock, any scheduled aRFS operations are canceled using the cancelworksync function. This function waits for the operation to finish if it has...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: io-wq: Check for wq exit after adding a new worker taskwork. We check the IOWQBITEXIT flag before attempting to create a new worker. The wq exit cancels any pending tasks if there are any. However, it’s possible for a race...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: At the ata module, there is a bug in libata: the pending work is cancelled after clearing deferredqc. Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning a non-zero value before issuing the...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a deadlock caused by canceldelayedworksyn The following LOCKDEP was detected: Workqueue: events smclgrfreework smc WARNING: a circular locking dependency was detected...
UBUNTU-CVE-2026-43382
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work Commit 0d4e8ed139d8 “net/mlx5: Lag, avoid lockdep warnings” accidentally removed a call to cancel delayed bond work. This may cause queued delays to expire and affect work...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: Fixed a crash that occurs when startup fails. If the network interface fails to start, it is possible that the resetwork has already been scheduled. Ensure that the work item is canceled so that a use-after-free cra...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a deadlock in l2capconndel. The l2capconndel function calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the functions l2capinfotimeout and...
SUSE CVE-2026-31499
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the work functions l2capinfotimeout and l2capconnupdateidaddr both acqui...
CVE-2026-31499
CVE-2026-31499 affects the Linux kernel Bluetooth L2CAP code. The vulnerability stems from l2cap_conn_del() canceling delayed work (info_timer and id_addr_timer) while holding conn->lock, while the corresponding work functions (l2cap_info_timeout() and l2cap_conn_update_id_addr()) also acquire...
CVE-2026-31499 Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the work functions l2capinfotimeout and l2capconnupdateidaddr both acqui...
PT-2026-34404
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the Bluetooth L2CAP component within the l2cap conn del function. This happens because l2cap conn del calls cancel delayed work sync for both info timer and id ad...
Linux Distros Unpatched Vulnerability : CVE-2026-31499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010801)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010801 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed wor...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011000)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011000 advisory. In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting...