121 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS operations are canceled using the cancelworksync function. This function waits for the operation to finish if it ha...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: At the ata module, the issue with libata: the pending work is cancelled after clearing deferredqc. Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning a non-zero value before issuing the deferred...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a deadlock caused by canceldelayedworksyn The following LOCKDEP was detected: Workqueue: events smclgrfreework smc WARNING: a circular locking dependency was detected...
Siemens RUGGEDCOM RST2428P Multiple Releases of Same Resource or Handle (CVE-2025-40261)
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...
CVE-2026-46267
CVE-2026-46267 affects the Linux kernel NFC HCI SHDLC subsystem. The root cause is that timers and state-machine work can remain active during llc_shdlc_deinit(), which purges SHDLC skb queues and frees the llc_shdlc structure while callbacks may still access SHDLC state and queues. If teardown r...
EUVD-2026-34129
In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...
PT-2026-46030
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF condition exists in the Linux kernel's NFC HCI SHDLC implementation. The function llc shdlc deinit purges SHDLC skb queues and frees the llc shdlc structure while...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work The commit 0d4e8ed139d8 “net/mlx5: Lag, avoid lockdep warnings” accidentally removed a call to cancel delayed bond work. This may cause queued delays to expire and affect wor...
UBUNTU-CVE-2026-43382
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: io-wq: Check for wq exit after adding a new worker taskwork. We check the IOWQBITEXIT flag before attempting to create a new worker. The wq exit cancels any pending tasks if there are any. However, it’s possible for a race...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a deadlock in l2capconndel. The l2capconndel function calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the functions l2capinfotimeout and...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: Fixed a crash that occurs when startup fails. If the network interface fails to start, it is possible that the resetwork has already been scheduled. Ensure that the work item is canceled so that a use-after-free cra...
SUSE CVE-2026-31499
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the work functions l2capinfotimeout and l2capconnupdateidaddr both acqui...
CVE-2026-31499 Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the work functions l2capinfotimeout and l2capconnupdateidaddr both acqui...
CVE-2026-31499
CVE-2026-31499 affects the Linux kernel Bluetooth L2CAP code. The vulnerability stems from l2cap_conn_del() canceling delayed work (info_timer and id_addr_timer) while holding conn->lock, while the corresponding work functions (l2cap_info_timeout() and l2cap_conn_update_id_addr()) also acquire...
Linux Distros Unpatched Vulnerability : CVE-2026-31499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the...
PT-2026-34404
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur in the Bluetooth L2CAP component within the l2cap conn del function. This happens because l2cap conn del calls cancel delayed work sync for both info timer and id ad...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011000)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011000 advisory. In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010801)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010801 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed wor...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007593)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007593 advisory. In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting...