15 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fixed a race condition during abort for file descriptors fput does not actually call fileoperations’ release method synchronously. Instead, it places the file in a work queue and releases it eventually. This is generally...
Oracle Linux 10 : kernel (ELSA-2026-0453)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0453 advisory. - usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths CKI Backport Bot RHEL-137150 CVE-2025-68287 - drm/vmwgfx: Validate...
ALSA-2026:0453 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: multitouch: fix slab out-of-bounds access in mtreportfixup CVE-2025-39806 kernel: audit: fix out-of-bounds read in auditcomparednamepath CVE-2025-39840 kernel: mm: slub: avoid wake u...
kernel: iommufd: Fix race during abort for file descriptors
A flaw was found in the Linux kernel such that the IOMMU file-descriptor subsystem, when aborting the allocation of a new object before installing the file descriptor, the code calls fput on the file and then immediately frees the associated object kfree, but the object is still referenced by the...
RHEL 9 : kernel (RHSA-2025:23241)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23241 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure th...
DEBIAN-CVE-2023-53838
In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime...
CVE-2023-53838 f2fs: synchronize atomic write aborts
In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime...
kernel: rxrpc: Fix missing locking causing hanging calls
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted e.g. because kafs saw a signal between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connecti...
UBUNTU-CVE-2025-39966
In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix race during abort for file descriptors fput doesn't actually call fileoperations release synchronously, it puts the file on a work queue and it will be released eventually. This is normally fine, except for iommufd t...
Linux Distros Unpatched Vulnerability : CVE-2024-41053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdabortone racing issue When ufshcdabortone is racing with the...
SUSE CVE-2025-37828
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...
UBUNTU-CVE-2025-37828
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...
SUSE CVE-2024-41053
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdabortone racing issue When ufshcdabortone is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by ISR. Return success when request is completed by ISR...
SUSE CVE-2021-47248
In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close and udpabort Kaustubh reported and diagnosed a panic in udpliblookup. The root cause is udpabort racing with close. Both racing functions acquire the socket lock, but udpv6destroysock release it before...
CVE-2021-46958
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which leads to an...