Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

CLSA-2025-1766488019 kernel: Fix of 63 CVEs

scsi: target: iscsi: Fix timeout on deleted connection CVE-2025-38075 - tls: wait for pending async decryptions if tlsstrpmsghold fails CVE-2025-40176 - cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 - rcu: Fix rcureadunlock deadloop due to IRQ work...

RHEL 8 : kernel (RHSA-2025:23000)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23000 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked...

RockyLinux 8 : kernel-rt (RLSA-2025:22387)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:22387 advisory. kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2...

EUVD-2025-13021

Malicious code in bioql PyPI...

SUSE CVE-2022-49768

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

DEBIAN-CVE-2022-49768

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

CVE-2022-49768

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

CVE-2022-49768 9p: trans_fd/p9_conn_cancel: drop client lock earlier

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

CVE-2022-49768

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

CVE-2022-49768

In CVE-2022-49768 for the Linux kernel, the 9p/trans_fd/p9_conn_cancel path had a double-lock issue detected by syzbot. The fix is to drop the client lock earlier, after requests have been moved off to the local list, avoiding the double-lock scenario. This resolves the issue and is described as ...

CVE-2022-49768 9p: trans_fd/p9_conn_cancel: drop client lock earlier

In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...

CVE-2024-50294 rxrpc: Fix missing locking causing hanging calls

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted e.g. because kafs saw a signal between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connecti...

PT-2022-36585 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.334 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol implementation, where the client lock is dropped earlier than expected. This is an automated ID intended to a...

PT-2022-36128 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.80 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol implementation, where the client lock is dropped earlier than expected. The actual impact and attack...

PT-2022-36464 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol implementation, where the client lock is dropped earlier than expected. The actual impact and attack...

PT-2022-35942 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol, where the client lock is dropped earlier than expected. This is an automated ID intended to aid in discovery ...

PT-2022-36272 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 5.10.156 Description: A potential security issue exists in the Linux Kernel. The problem is related to the trans fd and p9 conn cancel functions, where the client lock is dropped earlier than expected. The actua...

PT-2022-36383 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.225 Description: The issue is related to the trans fd/p9 conn cancel function in the 9p protocol, where the client lock is dropped earlier than expected. The actual impact and attack plausibility have not y...

CVE-2020-7255

Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface...