20 matches found
SUSE CVE-2026-46011
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-jpegwork. This creates a race...
CVE-2026-46011 media: mtk-jpeg: fix use-after-free in release path due to uncancelled work
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-jpegwork. This creates a race...
PT-2026-43878
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the mtk jpeg release function. The function frees the context structure ctx without cancelling pending or running work in ctx-jpeg work. This creates a race...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fix for use-after-free in the encoder release path. The fopsvcodecrelease function frees the context structure ctx without first canceling any pending or ongoing operations in ctx-encodework. This creates...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: added flushworkqueue to prevent UAF. Our detector identified a bug caused by concurrent use-after-free when detaching a NCI device. The main reason for this bug is the unexpected scheduling between the delayed mechanism...
CVE-2026-31584
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...
DEBIAN-CVE-2026-31584
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...
CVE-2026-31584
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...
CVE-2026-31584
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...
CVE-2026-31584
CVE-2026-31584 - Linux kernel (MediaTek vcodec) use-after-free in encoder release path : The fops_vcodec_release() frees the context (ctx) without cancelling or synchronizing pending/running encode work, allowing the mtk_venc_worker to dereference freed ctx. Root cause: v4l2_m2m_ctx_release() wai...
CVE-2026-31584 media: mediatek: vcodec: fix use-after-free in encoder release path
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...
EUVD-2026-25477
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fopsvcodecrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-encodework. This creates a race window...
CVE-2026-31516 xfrm: prevent policy_hthresh.work from racing with netns teardown
In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policyhthresh.work from racing with netns teardown A XFRMMSGNEWSPDINFO request can queue the per-net work item policyhthresh.work onto the system workqueue. The queued callback, xfrmhashrebuild, retrieves the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992984)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992984 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug wh...
CVE-2023-54235
CVE-2023-54235 affects the Linux kernel and describes a race in the PCI/DOE path where destroy_work_on_stack() could race with the PCI DOE worker’s work_struct going out of scope. The issue manifested as a debug object dump and warning in the DoE workqueue (pci 0000:36:00.0 DOE). The recommended ...
Linux Distros Unpatched Vulnerability : CVE-2022-49968
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ieee802154/adf7242: defer destroyworkqueue call There is a possible race condition...
PT-2025-20353
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc1-syzkaller-00246-g900241a5cc15 Description A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the tipc mon reinit self function. This issue arises due to a racing...
kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
A vulnerability was found in the Linux kernel's net rtl8xxxucore.c driver, where a race condition can lead to a use-after-free situation in the rtl8xxxustop function. This occurs when the workqueue is still running but the driver has been stopped and can lead to c2hcmdwork attempting to access...
SUSE CVE-2024-38634
In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be called with port lock taken, Since we run it in a separate work, the lock may not be taken at the time of running. Make sure that it's...
kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
A vulnerability was found in the Linux kernel's net rtl8xxxucore.c driver, where a race condition can lead to a use-after-free situation in the rtl8xxxustop function. This occurs when the workqueue is still running but the driver has been stopped and can lead to c2hcmdwork attempting to access...