1536 matches found
UBUNTU-CVE-2025-21968
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcpwork Why A slab-use-after-free is reported when HDCP is destroyed but the propertyvalidatedwork queue is still running. How Cancel the delayed work when destroying workqueue. cherry...
CVE-2025-21983 mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq
In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: Switch to WQMEMRECLAIM wq Currently kvfreercu APIs use a system workqueue which is "systemunboundwq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...
CVE-2025-21983 mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq
In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: Switch to WQMEMRECLAIM wq Currently kvfreercu APIs use a system workqueue which is "systemunboundwq" to driver RCU machinery to reclaim a memory. Recently, it has been noted that the following kernel warning ca...
CVE-2025-21968 drm/amd/display: Fix slab-use-after-free on hdcp_work
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free on hdcpwork Why A slab-use-after-free is reported when HDCP is destroyed but the propertyvalidatedwork queue is still running. How Cancel the delayed work when destroying workqueue. cherry...
CVE-2025-21968
Vulnerability (CVE-2025-21968) in the Linux kernel affects the drm/amd/display component, specifically the hdcp_work path. A slab-use-after-free occurs when HDCP is destroyed but the property_validate_dwork delayed work queue is still running. The documented fix cancels the delayed work when dest...
CVE-2025-21918 usb: typec: ucsi: Fix NULL pointer access
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...
CVE-2025-21918
CVE-2025-21918 is a Linux kernel vulnerability described in connected Azure Linux advisory: usb: typec: ucsi: Fix NULL pointer access. The issue arises from premature resource release; the fix ensures resources are freed only after the associated workqueue completes, preventing NULL-pointer acces...
CVE-2025-21911 drm/imagination: avoid deadlock on fence release
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...
CVE-2025-21911 drm/imagination: avoid deadlock on fence release
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...
CVE-2025-21911 drm/imagination: avoid deadlock on fence release
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, rather than in the release function itself. Fixes deadlock issues such as the following: 607.400437...
PT-2025-14364 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.13.2-0 g925d379822da Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the kvfree rcu APIs using a system workqueue, which can lead to a kernel warning. The warning is...
The vulnerability in the kernel/workqueue.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the kernel/workqueue.c module in the Linux operating system is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2023-53022
In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetctxonesteptstamp This lockdep splat says it better than I could: ================================ WARNING: inconsistent lock state 6.2.0-rc2-07010-ga9b9500ffaac-dirty 967 Not tainted...
SUSE CVE-2025-21846
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
AZL-58532 CVE-2025-21846 affecting package kernel for versions less than 6.6.82.1-1
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
DEBIAN-CVE-2025-21846
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
AZL-58569 CVE-2025-21846 affecting package kernel for versions less than 5.15.179.1-1
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
UBUNTU-CVE-2025-21846
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
CVE-2025-21859 USB: gadget: f_midi: f_midi_complete to call queue_work
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...
CVE-2025-21846 acct: perform last write from workqueue
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...