kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001141)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001141 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...

MiracleLinux 4 : cvs-1.11.23-11.1.0.1.AXS4 (AXSA:2012-238:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-238:01 advisory. CVS Concurrent Versions System is a version control system that can record the history of your files usually, but not always, source code. CVS only stores the...

CVE-2026-20867

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2026-20867

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate privileges locally...

CVE-2026-20853

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privileges locally...

CVE-2026-20848

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...

AZL-74445 CVE-2025-68774 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

UBUNTU-CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774 hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Concurrent writes to afalgsendmsg are now disallowed. Issuing two writes to the same afalg socket is problematic, as the data will be interleaved in a unpredictable manner. Additionally, concurrent writes may caus...

kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths

A use-after-free vulnerability was found in the DWC3 USB controller driver in the Linux kernel. Multiple unsynchronized execution paths can invoke dwc3removerequests concurrently, leading to premature freeing of USB requests. When one path frees requests while another is still processing them, a...

kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

PT-2026-2719

CVE-2026-20874 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Management Services allows an authorized attacker to elevate pr… https://t.co/KTYAuV7eee...

PT-2026-2731

CVE-2026-20926 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges … https://t.co/V8g8uUheOy...

PT-2026-2714

Name of the Vulnerable Software and Affected Versions Windows Local Session Manager LSM affected versions not specified Description A flaw exists in Windows Local Session Manager LSM related to concurrent execution using a shared resource with improper synchronization, creating a race condition...

PT-2026-2699

CVE-2026-20853 Concurrent execution using shared resource with improper synchronization 'race condition' in Windows WalletService allows an unauthorized attacker to elevate privil… https://t.co/1I7UilLbTk...