15 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure that rdmaaddrcancel is called before issuing more requests. The FSM can enter a loop, allowing rdmaresolveip to be called twice with the same idpriv. Although this cannot occur without going through this process,...
UBUNTU-CVE-2025-71182
In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...
EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-2500)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2025-2386)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath '', '.', a...
EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-2358)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can...
UBUNTU-CVE-2025-40047
In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...
CVE-2025-40047
CVE-2025-40047 affects the Linux kernel io_uring waitid path. The root cause was a race where a wait queue entry could remain due to cancellation in progress, leading to missed cleanup. The connected advisories confirm the fix as: always prune the wait queue entry in io_waitid_wait() on successfu...
EUVD-2025-36481
In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...
CVE-2025-40047 io_uring/waitid: always prune wait queue entry in io_waitid_wait()
In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...
CVE-2025-40003 net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work The origin code calls canceldelayedwork in ocelotstatsdeinit to cancel the cyclic delayed work item ocelot-statswork. However, canceldelayedwork may fail to canc...
OESA-2025-2182 golang security update
. Security Fixes: The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS e.g. Git, but contains metadata for another VC...
Linux Distros Unpatched Vulnerability : CVE-2025-47907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in...
SUSE CVE-2024-56641
In the Linux kernel, the following vulnerability has been resolved: net/smc: initialize closework early to avoid warning We encountered a warning that closework was canceled before initialization. WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 flushwork+0x19e/0x1b0 Workqueue: events...
OESA-2024-1860 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure rdmaaddrcancel happens before issuing more requests The FSM can run in a circle allowing rdmaresolveip to be called twice on the same idpriv...
DEBIAN-CVE-2023-3389
A use-after-free vulnerability in the Linux Kernel iouring subsystem can be exploited to achieve local privilege escalation. Racing a iouring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59...