Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition between element replacement and close. The element replacement with a socket that is different from the one stored may race with the close operation, where the link of the socket is popped...

Astra Linux - уязвимость в linux-5.10

There is a vulnerability related to time-of-check to time-of-use issues in the iouringsubsystem’s IORINGOPCLOSE operation in the Linux kernel versions 5.6 to 5.11 inclusive. This vulnerability allows a local user to elevate their privileges to root. Introduced in the version...

EUVD-2026-26582

In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the descriptor via...

CVE-2026-31769

The CVE-2026-31769 issue in the Linux kernel gpib module is resolved by adding a kernel-only descriptor_busy reference count in struct gpib_descriptor to prevent use-after-free of gpib_descriptor objects during concurrent IO ioctl handling (IBRD, IBWRT, IBCMD, IBWAIT). Each IO path increments des...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the cmpxchg serialization to access so-tx.buf. This vulnerability may lead to the...

CVE-2023-53990

In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990477 advisory. In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbopen/close: fix memory leak The gsusb driver appears to suffer from a malady...

EUVD-2023-36513

Malicious code in bioql PyPI...

CVE-2022-50241

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free on source server when doing inter-server copy Use-after-free occurred when the laundromat tried to free expired cpntfstate entry on the s2scpstateids list after inter-server copy completed. The sccplist...

CVE-2025-8008

A security issue exists in the protected mode of EN4TR devices, where sending specifically crafted messages during a Forward Close operation can cause the device to crash...

CVE-2025-8007

CVE-2025-8007 concerns Rockwell Automation 1756-EN4TR and 1756-EN2TR (protected mode) where a Concurrent Forward Close operation can trigger a Major Non-Recoverable (MNFR) fault, potentially causing unexpected system crashes and loss of device availability. Connected sources corroborate this vuln...

CVE-2025-8008

CVE-2025-8008 affects Rockwell Automation 1756-EN4TR family devices (1756-EN4TR, 1756-ENT2R, 1756-EN4TRXT) in protected mode. The issue arises when a Forward Close operation processes specially crafted messages, potentially crashing the device and impacting availability. The vulnerability is docu...

PT-2025-36725

Name of the Vulnerable Software and Affected Versions: EN4TR devices affected versions not specified Description: A security issue exists in the protected mode of EN4TR devices. Sending specifically crafted messages during a Forward Close operation can cause the device to crash. Recommendations: ...

CVE-2023-32256 Kernel: ksmbd race issue from smb2 close and logoff with multichannel

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

CVE-2023-32256 Kernel: ksmbd race issue from smb2 close and logoff with multichannel

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravbopen, ravbclose and wol operations must be performed under the rtnl lock to preven...

DEBIAN-CVE-2022-49889

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Check for NULL cpubuffer in ringbufferwakewaiters On some machines the number of listed CPUs may be bigger than the actual CPUs that exist. The tracing subsystem allocates a percpu directory with access to the per CP...

Undertow: Infinite loop in SslConduit during close

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates...

bpf, sockmap: Fix race between element replace and close()

...

DEBIAN-CVE-2024-56664

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...