SUSE CVE-2023-53762

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in hcidisconnectallsync Use-after-free can occur in hcidisconnectallsync if a connection is deleted by concurrent processing of a controller event. To prevent this the code now tries to iterate over th...

CVE-2023-53815 posix-timers: Prevent RT livelock in itimer_delete()

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Prevent RT livelock in itimerdelete itimerdelete has a retry loop when the timer is concurrently expired. On non-RT kernels this just spin-waits until the timer callback has completed, except for posix CPU timers...

CVE-2023-53813 ext4: fix rbtree traversal bug in ext4_mb_use_preallocated

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4mbusepreallocated During allocations, while looking for preallocationsPA in the per inode rbtree, we can't do a direct traversal of the tree because ext4mbdiscardgrouppreallocation can...

CVE-2023-53813 ext4: fix rbtree traversal bug in ext4_mb_use_preallocated

In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4mbusepreallocated During allocations, while looking for preallocationsPA in the per inode rbtree, we can't do a direct traversal of the tree because ext4mbdiscardgrouppreallocation can...

PT-2025-50169

Name of the Vulnerable Software and Affected Versions Microsoft Brokering File System affected versions not specified Description A flaw exists in the Microsoft Brokering File System related to concurrent execution using a shared resource with improper synchronization, creating a race condition...

PT-2025-50196

Name of the Vulnerable Software and Affected Versions Windows Shell affected versions not specified Description A flaw exists in Windows Shell related to concurrent execution using a shared resource with improper synchronization, creating a race condition. This can allow a locally authenticated...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from itimerdelete not handling concurrent expiration correctly, which could lead to RT real-time lockup...

DEBIAN-CVE-2023-53762

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in hcidisconnectallsync Use-after-free can occur in hcidisconnectallsync if a connection is deleted by concurrent processing of a controller event. To prevent this the code now tries to iterate over th...

CVE-2023-53762 Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in hcidisconnectallsync Use-after-free can occur in hcidisconnectallsync if a connection is deleted by concurrent processing of a controller event. To prevent this the code now tries to iterate over th...

CVE-2023-53762 Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in hcidisconnectallsync Use-after-free can occur in hcidisconnectallsync if a connection is deleted by concurrent processing of a controller event. To prevent this the code now tries to iterate over th...

CVE-2023-53759

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently...

PT-2025-49492

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc1+ 10 Description A use-after-free condition can occur in the Bluetooth stack within the Linux kernel, specifically in the hci disconnect all sync function. This issue arises when a connection is deleted...

Linux Distros Unpatched Vulnerability : CVE-2025-40272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/secretmem: fix use-after-free race in fault handler When a page fault occurs in a secret memory file created with memfdsecret2, the kernel will allocate a ne...

CVE-2025-40271

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...

CVE-2025-40271 fs/proc: fix uaf in proc_readdir_de()

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mm secretmem not properly handling concurrent page errors, which could lead to reuse after release...

Race Condition

Overview lifx-async is an A modern, type-safe, async Python library for controlling LIFX lights Affected versions of this package are vulnerable to Race Condition due to improper synchronization in concurrent request handling within the network module. The package fails to implement adequate...

kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

kernel: smb: client: fix race with concurrent opens in rename(2)

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename2 Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outstanding I/O to complete as well as marking all...

ALSA-2025:22388 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2 CVE-2025-39825 kernel: mm/memory-failure: fix...