Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990247)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990247 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the calle...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986470)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986470 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 net: usb: fix memor...

Linux Distros Unpatched Vulnerability : CVE-2023-52509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravbtxtimeoutwork The ravbstop should call cancelworksync...

CVE-2025-38114 e1000: Move cancel_work_sync to avoid deadlock

In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancelworksync to avoid deadlock Previously, e1000down called cancelworksync for the e1000 reset task via e1000downandstop, which takes RTNL. As reported by users and syzbot, a deadlock is possible in the following...

CVE-2022-49696

In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipcnamedreinit syzbot found the following issue on: ================================================================== BUG: KASAN: use-after-free in tipcnamedreinit+0x94f/0x9b0...

UBUNTU-CVE-2022-49696

In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipcnamedreinit syzbot found the following issue on: ================================================================== BUG: KASAN: use-after-free in tipcnamedreinit+0x94f/0x9b0...

CVE-2022-49696

CVE-2022-49696 is a Linux kernel use-after-free in tipc_named_reinit, triggered by a race with workqueue finalization. The issue arises because cancel_work_sync() ordering could allow a destroyed TipC namespace to be accessed by a work item enqueuing later, leading to a read of freed memory (KASA...

CVE-2024-50051 spi: mpc52xx: Add cancel_work_sync before module remove

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancelworksync before module remove If we remove the module which will call mpc52xxspiremove it will free 'ms' through spiunregistercontroller. while the work ms-work will be used. The sequence of operations tha...

CVE-2024-41063 Bluetooth: hci_core: cancel all works upon hci_unregister_dev()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: cancel all works upon hciunregisterdev syzbot is reporting that calling hcireleasedev from hcierrorreset due to hcidevput from hcierrorreset can cause deadlock at destroyworkqueue, for hcierrorreset is called...

CVE-2024-41051 cachefiles: wait for ondemand_object_worker to finish when dropping object

In the Linux kernel, the following vulnerability has been resolved: cachefiles: wait for ondemandobjectworker to finish when dropping object When queuing ondemandobjectworker to re-open the object, cachefilesobject is not pinned. The cachefilesobject may be freed when the pending read request is...

CVE-2024-39493

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called...

CVE-2024-39493 crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called...

CVE-2024-39493 crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called...

CVE-2021-47239

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

CVE-2021-47239

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

CVE-2021-47239 net: usb: fix possible use-after-free in smsc75xx_bind

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

CVE-2021-47239 net: usb: fix possible use-after-free in smsc75xx_bind

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xxbind The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xxbind" fails to clean up the work scheduled in smsc75xxreset- smsc75xxsetmulticast, which leads to use-after-free ...

CVE-2024-27052

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancelworksync for c2hcmdwork The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancelworksync in rtl8xxxustop...

CVE-2024-27052 wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancelworksync for c2hcmdwork The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancelworksync in rtl8xxxustop...

CVE-2024-27014 net/mlx5e: Prevent deadlock while disabling aRFS

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...