CVE-2025-38311

In the Linux kernel, the following vulnerability has been resolved: iavf: get rid of the crit lock Get rid of the crit lock. That frees us from the error prone logic of trylocks. Thanks to netdevlock by Jakub it is now easy, and in most cases we were protected by it already - replace crit lock by...

CVE-2022-49899

CVE-2022-49899 concerns the Linux kernel’s fscrypt handling of fscrypt_master_key. The connected docs describe a fix that stops storing fscrypt_master_key structs as payloads inside the keyrings subsystem and instead keeps them in a regular kernel data structure with revised reference counting an...

Linux Distros Unpatched Vulnerability : CVE-2024-53054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction A hungtask problem shown...

Linux Distros Unpatched Vulnerability : CVE-2024-41045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through...

Linux Distros Unpatched Vulnerability : CVE-2023-52486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a...

CVE-2022-49531

The CVE-2022-49531 entry concerns the Linux kernel loop driver. A vulnerability in the loop: implement ->free_disk could allow freeing a lo_device before the gendisk is freed, risking a deadlock if the device is still in use. The issue is described as resolved, with upstream fixes relaxing the...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2024:3980-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3980-1 advisory. Security issues fixed: - CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling bsc12326...

openSUSE 15 Security Update : virtualbox (openSUSE-SU-2024:0364-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0364-1 advisory. Update to release 7.1.4: NAT: Fixed DHCP problems with certain guests when domain is empty VMSVGA: Improved flickering, black screen and other...

CVE-2024-47736 erofs: handle overlapped pclusters out of crafted images properly

In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking...

CVE-2024-38600

In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals at disconnection In sndcarddisconnect, we set card-shutdown flag at the beginning, call callbacks and do sync for card-powerrefsleep waiters at the end. The callback may delete a kctl elemen...

Unbreakable Enterprise kernel security update

2.6.39-400.297.12 - xsigo: backport Fix race in freeing aged Forwarding tables Pradeep Gopanapalli Orabug: 24823234 - ocfs2: fix deadlock issue when taking inode lock at vfs entry points Eric Ren Orabug: 25671723 - ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock Eric Ren...

Re: unsafe fgets() in sendmail's mail.local

On Mon, Apr 24, 2000, 3APA3A wrote: Topic: unsafe fgets in sendmail's mail.local 1. Possibility to insert LMTP commands into e-mail message 2. Possibility of deadlock between sendmail and mail.local 3. Possibility to corrupt user's mailbox 4. Possibility to change e-mail headers of the message in...