682 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcprecovery. When reading sysctltcprecovery, it can be changed concurrently. Therefore, we need to add READONCE to its readers...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed possible data races in gfs2showoptions Some fields such as gtlogdsecs of the struct gfs2tune are accessed without holding the lock gtspin in gfs2showoptions: val = sdp-sdtune.gtlogdsecs; if val != 30 seqprintfs,...
CVE-2026-43119 Bluetooth: hci_sync: annotate data-races around hdev->req_status
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006935)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006935 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctlnetbusyread We need to protect the reader reading the sysctl...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006919)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006919 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2showoptions Some fields such as gtlogdsecs of the struct...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006683)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006683 advisory. In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipprotsock. sysctlipprotsock is accessed concurrently, and there ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006644)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006644 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpfastopenblackholetimeout. While reading...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006640)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006640 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006636 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006747)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006747 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2showoptions Some fields such as gtlogdsecs of the struct...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006583)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006583 advisory. In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif whi...
CVE-2026-26073 EVerest: OCPP 1.6 heap corruption caused by lock-free insertion in event_queue
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::queue/std::deque corruption. The trigger is powermeter public key update and EV session/error events while OCPP not started. This results in a TSAN data race report and an ASAN/UBSAN...
EVerest 资源管理错误漏洞
EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contained a resource management vulnerability caused by data competition, which could lead to reusing resources after release...
EVerest 竞争条件问题漏洞
EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions of EVerest prior to 2026.02.0 contained a race condition vulnerability. This vulnerability stemmed from undefined C++ behavior due to data races, which could lead to memory corruption...
CVE-2026-23302
A flaw was found in the Linux kernel. This vulnerability involves data races within the networking subsystem, specifically related to how network socket pointers are handled concurrently by multiple central processing units CPUs. Without proper synchronization, this concurrent access can lead to...
EUVD-2026-15238
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk-skdataready,writespace skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READONCE/WRITEONCE annotations for UDP, TCP an...
CVE-2026-23302
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk-skdataready,writespace skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READONCE/WRITEONCE annotations for UDP, TCP an...
CVE-2026-23302
In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk-skdataready,writespace skmsg and probably other layers are changing these pointers while other cpus might read them concurrently. Add corresponding READONCE/WRITEONCE annotations for UDP, TCP an...
CVE-2026-23302
Summary (CVE-2026-23302): The Linux kernel patch resolves a data-race in data-path pointers sk->sk_data_ready and sk->sk_write_space, where skmsg and possibly other layers could modify these pointers while others may read them concurrently. The fix adds corresponding READ_ONCE()/WRITE_ONCE(...
Linux Distros Unpatched Vulnerability : CVE-2026-23302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: annotate data-races around sk-skdataready,writespace skmsg and probably other layers are changing these pointers while other cpus might read them...