CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

CVE-2026-43370

The CVE-2026-43370 issue affects the Linux kernel DRM/AMDGPU subsystem, specifically a use-after-free race in VM acquisition. Root cause: a non-atomic vm->process_info assignment could race when parent and child processes sharing a drm_file both attempt to acquire the same VM after fork(). The...

CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

CVE-2026-43370 drm/amdgpu: Fix use-after-free race in VM acquire

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

SUSE CVE-2026-43121

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...

CVE-2026-43121

CVE-2026-43121 involves the Linux kernel io_uring/zcrx race between scrub and refill paths. The non-atomic read-then-decrement of the user_refs can race with io_zcrx_scrub() using atomic_xchg, causing a double-free of a niov and an out-of-bounds write past the freelist array. The fix replaces the...

PT-2026-37461

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the io uring/zcrx component on SMP systems between the scrub and refill paths. The io zcrx put niov uref function employs a non-atomic check-then-decrement...

UBUNTU-CVE-2026-23161

In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix race of truncate and swap entry split The helper for shmem swap freeing is not handling the order of swap entries correctly. It uses xacmpxchgirq to erase the swap entry, but it gets the entry order before tha...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000631 advisory. Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of servi...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002252)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002252 advisory. Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of servi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001918)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001918 advisory. Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of servi...

SUSE CVE-2025-71080

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6getpcpuroute under PREEMPTRT On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute and successful...

CVE-2025-71080

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6getpcpuroute under PREEMPTRT On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute and successful...

UBUNTU-CVE-2025-71080

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6getpcpuroute under PREEMPTRT On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute and successful...

CVE-2025-71080 ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6getpcpuroute under PREEMPTRT On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute and successful...

CVE-2025-71080 ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a BUG in rt6getpcpuroute under PREEMPTRT On PREEMPTRT kernels, after rt6getpcpuroute returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute and successful...

PT-2026-2601

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s IPv6 implementation within the rt6 get pcpu route function when operating under the PREEMPT RT kernel configuration. Specifically, after rt6 get pcpu...

Linux Distros Unpatched Vulnerability : CVE-2025-39884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix subvolume deletion lockup caused by inodes xarray race There is a race condition between inode eviction and inode caching that can cause a live struc...

CVE-2025-39884

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix subvolume deletion lockup caused by inodes xarray race There is a race condition between inode eviction and inode caching that can cause a live struct btrfsinode to be missing from the root-inodes xarray. Specifically,...

kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in genradixptralloc If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll still have a preallocated no...