24 matches found
CVE-2026-31734
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...
EUVD-2026-26547
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...
CVE-2026-31734
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...
CVE-2026-31482
A flaw was found in the Linux kernel, specifically within the s390 architecture's kernel entry process. Due to an incomplete update, a critical register r12 was not properly cleared when entering the kernel. This oversight could allow a local user to potentially access sensitive system informatio...
PT-2026-34387
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the s390 architecture where the r12 register is not properly cleared during kernel entry. Previously, entry handlers loaded r12 with the current task pointer for use b...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: riscv: stacktrace: Disable KASAN checks for non-current tasks Unwinding the stack of a task other than current, KASAN would report "BUG: KASAN: out-of-bounds in walkstackframe+0x41c/0x460" There is a same issue on x86 and has bee...
Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993158)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993158 advisory. In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running -parallel A deadlock can happen when an overloaded...
SUSE CVE-2025-40358
In the Linux kernel, the following vulnerability has been resolved: riscv: stacktrace: Disable KASAN checks for non-current tasks Unwinding the stack of a task other than current, KASAN would report "BUG: KASAN: out-of-bounds in walkstackframe+0x41c/0x460" There is a same issue on x86 and has bee...
Linux Distros Unpatched Vulnerability : CVE-2025-40358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: stacktrace: Disable KASAN checks for non-current tasks Unwinding the stack of a task other than current, KASAN would report BUG: KASAN: out-of-bounds in...
DEBIAN-CVE-2025-40201
In the Linux kernel, the following vulnerability has been resolved: kernel/sys.c: fix the racy usage of tasklocktsk-groupleader in sysprlimit64 paths The usage of tasklocktsk-groupleader in sysprlimit64-doprlimit path is very broken. sysprlimit64 does gettaskstructtsk but this only protects...
CVE-2022-50382 padata: Always leave BHs disabled when running ->parallel()
In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running -parallel A deadlock can happen when an overloaded system runs -parallel in the context of the current task: padatadoparallel -parallel pcryptaeadenc/dec padatadoserial...
CVE-2022-50382
CVE-2022-50382 refers to a Linux kernel fix for a deadlock involving padata parallelization when BHs are enabled during the serial path. The issue occurs in padata_do_serial where a spin_lock on reorder->lock could be taken with BHs still on, enabling a deadlock on overload. The fix ensures BH...
CVE-2022-50382 padata: Always leave BHs disabled when running ->parallel()
In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running -parallel A deadlock can happen when an overloaded system runs -parallel in the context of the current task: padatadoparallel -parallel pcryptaeadenc/dec padatadoserial...
ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered
...
Linux Distros Unpatched Vulnerability : CVE-2025-38100
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIFIOBITMAP inconsistencies iobitmapexit is invoked from exitthread when a ta...
UBUNTU-CVE-2025-38100
In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIFIOBITMAP inconsistencies iobitmapexit is invoked from exitthread when a task exists or when a fork fails. In the latter case the exitthread cleans up resources which were allocated during fork. iobitmapexit...
CVE-2025-21642
In the Linux kernel, the following vulnerability has been resolved: mptcp: sysctl: sched: avoid using current-nsproxy Using the 'net' structure via 'current' is not recommended for different reasons. First, if the goal is to use it to read or write per-netns data, this is inconsistent with how th...
CVE-2025-21638 sctp: sysctl: auth_enable: avoid using current->nsproxy
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
PT-2025-4322 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, specifically the mptcp subsystem and its handling of the blackhole timeout via sysctl. The problem arises from using the net structure via current,...
SUSE CVE-2023-38898
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the asyncio.swapcurrenttask component. NOTE: this is disputed by the vendor because 1 neither 3.7 nor any other release is affected it is a bug in some 3.12 pre-releases; 2 there are no common scenarios in whi...