12 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: memcg: Protection was added for concurrent access to memcgroupidr. Commit 73f576c04b94 “mm: memcontrol: fixed cgroup creation failures after many small operations” separated the memcg IDs from the CSS ID space to address cgrou...
kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
A use-after-free vulnerability was found in the DWC3 USB controller driver in the Linux kernel. Multiple unsynchronized execution paths can invoke dwc3removerequests concurrently, leading to premature freeing of USB requests. When one path frees requests while another is still processing them, a...
kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
A use-after-free vulnerability was found in the DWC3 USB controller driver in the Linux kernel. Multiple unsynchronized execution paths can invoke dwc3removerequests concurrently, leading to premature freeing of USB requests. When one path frees requests while another is still processing them, a...
kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
A use-after-free vulnerability was found in the DWC3 USB controller driver in the Linux kernel. Multiple unsynchronized execution paths can invoke dwc3removerequests concurrently, leading to premature freeing of USB requests. When one path frees requests while another is still processing them, a...
AZL-56252 CVE-2025-21634 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump: loaded Tainted: G RIP: 0010:kernfsshoulddrainopenfiles+0x1a1/0x1b0 RSP:...
DEBIAN-CVE-2025-21634
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump: loaded Tainted: G RIP: 0010:kernfsshoulddrainopenfiles+0x1a1/0x1b0 RSP:...
UBUNTU-CVE-2025-21634
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump: loaded Tainted: G RIP: 0010:kernfsshoulddrainopenfiles+0x1a1/0x1b0 RSP:...
CVE-2025-21634 cgroup/cpuset: remove kernfs active break
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump: loaded Tainted: G RIP: 0010:kernfsshoulddrainopenfiles+0x1a1/0x1b0 RSP:...
CVE-2025-21634 cgroup/cpuset: remove kernfs active break
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump: loaded Tainted: G RIP: 0010:kernfsshoulddrainopenfiles+0x1a1/0x1b0 RSP:...
CVE-2024-43102
CVE-2024-43102 describes a kernel-level issue in FreeBSD involving concurrent removals of anonymous shared memory mappings via the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM. The root cause is that the reference count for the mapping object can be decremented too many times, causing premature fr...
kernel: USB: core: Fix access violation during port device removal
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in port.c:disablestore: usbhubtostructhub can return NULL if the hub that the port belongs to is concurrently removed, but...
UBUNTU-CVE-2024-36932
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermaldebugcdevstateupdate and it may free the struct thermaldebugf...