EUVD-2026-39838

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

CVE-2026-52988

A flaw was found in the Linux kernel's netfilter component. This vulnerability involves a concurrency issue during updates to netfilter rulesets. When multiple updates occur simultaneously, improper synchronization could lead to unsafe data access during netlink dump list traversal. This could...

CVE-2026-53265

CVE-2026-53265 – Linux kernel : A race in dm cache policy SMQ allowed a check-then-act sequence to observe e->allocated as true before taking mq->lock. Two concurrent invalidators could both proceed, causing one to remove the entry from queues/hash table and free_entry(), then another to ac...

EUVD-2026-39244

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

CVE-2026-53153

The CVE-2026-53153 vulnerability affects the Linux kernel mm/list_lru implementation. It describes a race where memcg_reparent_list_lrus() clears the dying memcg’s xarray entry before reparenting its per-node lists, creating a window where a concurrent list_lru_del() can observe xa_load() == NULL...

UBUNTU-CVE-2026-54904

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...

EUVD-2026-38917

In the Linux kernel, the following vulnerability has been resolved: gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding sdp-sdlogflushlock, but these functions require exclusion against concurrent...

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

SpiceDB: Checks involving relations with caveats can result in unconditional permission when conditional permission is expected

Impact Under concurrency, CheckPermission and CheckBulkPermissions can return PERMISSIONSHIPHASPERMISSION for a resource, permission, subject whose correct answer is PERMISSIONSHIPCONDITIONALPERMISSION. You are impacted if all of the following hold: 1. Your schema has a permission combining...

GHSA-4VRG-R928-H5VV SpiceDB: Checks involving relations with caveats can result in unconditional permission when conditional permission is expected

Impact Under concurrency, CheckPermission and CheckBulkPermissions can return PERMISSIONSHIPHASPERMISSION for a resource, permission, subject whose correct answer is PERMISSIONSHIPCONDITIONALPERMISSION. You are impacted if all of the following hold: 1. Your schema has a permission combining...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix for a race condition in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes that bqenqueue and...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fixed a possible NULL pointer dereferencing caused by driver concurrency. In dwc2hcdurbenqueue, the statement “urb-hcpriv = NULL” is executed without holding the lock “hsotg-lock”. In dwc2hcdurbdequeue: c...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal. Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermal Debugcdevstateupdate. This may free the struct thermal...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the tty module, for the serial subsystem, there is a issue where the uartlite driver is registered within the init function. When two instances of the uart device are being probed, a concurrency race may occur. If one thread...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Race conditions between subflow failures and additional subflow creations. We have race conditions similar to those addressed by the previous patch, between subflow failures and additional subflow creations. However, these...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix for use-after-free in ksmbdtreeconnectput under concurrency conditions. Under high concurrency, a tree-connection object tcon is freed during a disconnection path, while another path still holds a reference to it...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: locking/spinlock/debug: Fixed a data race in dorawwritelock. KCSAN reports: BUG: KCSAN: Data race in dorawwritelock/dorawwritelock. The following operations were performed: Write 0xffff800009cf504c 4 bytes to memory by task 11...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed a race condition that occurred due to concurrent opens during the rename2 operation. In addition to sending the rename request to the server, the rename process also involves closing any deferred closes, waitin...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: The issue was fixed in the concurrently setting of insnemulation sysctls. The emulationprochandler function changes table-data for procdointvecminmax. However, it may cause an OOPs error if called concurrently with itself:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Annotate FDB data races The “used” and “updated” fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to issues such as reported cases like 1. These issues can be reproduced using ...