88 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/bpf: Fixed the detection of BPF atomic instructions. Commit 91c960b0056672 “bpf: Renamed BPFXADD and prepared to encode other atomic instructions in .imm” changed BPFXADD to BPFATOMIC and added a mechanism to distingui...
[SECURITY] Fedora 44 Update: valkey-9.0.4-1.fc44
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
Linux Distros Unpatched Vulnerability : CVE-2026-43121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed ...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: sched/deadline: Only the freecpus field is set for online runqueues. Commit 16b269436b72 “sched/deadline: Modified cpudl::freecpus to reflect rd-online“” introduced the cpudlset/clearfreecpu functions, allowing the...
AppleSEPKeyStore iOS macOS 26.1–26.2 Multi-Thread Race Condition Simulation Tool
This C/Objective-C program is a lightweight concurrency stress-testing tool designed to simulate and observe race conditions using atomic operations and multiple threads. It models a simplified shared-state system where concurrent readers and writers continuously interact with a shared variable...
EUVD-2026-19277
Homarr is an open-source dashboard. Prior to 1.57.0, the user registration endpoint /api/trpc/user.register is vulnerable to a race condition that allows an attacker to create multiple user accounts from a single-use invite token. The registration flow performs three sequential database operation...
PT-2026-30625
Homarr is an open-source dashboard. Prior to 1.57.0, the user registration endpoint /api/trpc/user.register is vulnerable to a race condition that allows an attacker to create multiple user accounts from a single-use invite token. The registration flow performs three sequential database operation...
[SECURITY] Fedora 44 Update: valkey-9.0.3-1.fc44
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from drivers that do not support atomic operations when using null pointers, potentially leading to crashes ...
SUSE CVE-2025-71074
In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffsepfileopen can race with removal, ending up with file-privatedata pointing to freed object. There is a total count of opened files on functionfs both ep0 and dynamic ones and when it hits...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of interrupt contexts, which could lead to work queues leaking atomic operations, locks, o...
CVE-2025-71074
The CVE-2025-71074 issue affects Linux kernel functionfs, where open/removal races can leave file->private_data as a freed object, causing UAF on read/write. Root cause: ffs->opened is misused; synchronization via atomic_dec_and_test() is insufficient. The fix approach, as documented, is to...
EUVD-2025-203708
In the Linux kernel, the following vulnerability has been resolved: tcp: use dstdevrcu in tcpfastopenactivedisableofocheck Use RCU to avoid a pair of atomic operations and a potential UAF on dstdev-flags...
CVE-2025-33111
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks...
UBUNTU-CVE-2022-50668
In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4xattrblockset where we constantly keep finding xattr block for reuse in mbcache but we are unable to...
PT-2025-49699
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to ext4 filesystem handling of extended attributes xattrs. A deadlock situation can occur during manipulation of xattr blocks due to mbcache ent...
EUVD-2025-11239
Malicious code in bioql PyPI...
EUVD-2025-29588
Malicious code in bioql PyPI...
CVE-2025-39826 net: rose: convert 'use' field to refcount_t
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcountt The 'use' field in struct roseneigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a roseneigh structure is freed while still being reference...
PT-2026-2512
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the scheduler/deadline component. A correction ensures that the free cpus bit is only set for online runqueues. A previous commit introduced...