16 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Added missing delayed work cancellation for headset status. The call to canceldelayedworksync was missed, resulting in a use-after-free in corsairvoidremove...
CVE-2026-31656
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...
CVE-2026-31499
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the work functions l2capinfotimeout and l2capconnupdateidaddr both acqui...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007417)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007417 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA...
EUVD-2026-10575
In the Linux kernel, the following vulnerability has been resolved: tls: Fix race condition in tlsswcancelworktx This issue was discovered during a code audit. After canceldelayedworksync is called from tlsskprotoclose, txworkhandler can still be scheduled from paths such as the Delayed ACK handl...
CVE-2022-50676 net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting lockdep warning at rdstcpresetcallbacks 1, for commit ac3615e7f3cffe2a "RDS: TCP: Reduce code duplication in rdstcpresetcallbacks"...
DEBIAN-CVE-2025-40211
In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed work accesses device-brightness and device-backlight, freed by acpivideodevunregisterbacklight during device removal. If the work...
AZL-68585 CVE-2025-40001 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...
UBUNTU-CVE-2025-40001
In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...
CVE-2025-39996
In the Linux kernel, the following vulnerability has been resolved: media: b2c2: Fix use-after-free causing by irqcheckwork in flexcoppciremove The original code uses canceldelayedwork in flexcoppciremove, which does not guarantee that the delayed work item irqcheckwork has fully completed if it...
CVE-2025-39994
The CVE-2025-39994 issue is in the Linux kernel’s media tuner xc5000: the code path xc5000_release() used cancel_delayed_work(), risking use-after-free of xc5000_priv if timer_sleep is still active. The fix replaces cancel_delayed_work() with cancel_delayed_work_sync() to ensure the delayed work ...
CVE-2025-39944 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix use-after-free bugs in otx2synctstamp The original code relies on canceldelayedwork in otx2ptpdestroy, which does not ensure that the delayed work item synctstampwork has fully completed if it was already runnin...
PT-2025-42268
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the xc5000 driver related to timer management. The xc5000 release function originally used cancel delayed work, which does not...
SUSE CVE-2025-21797
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Add missing delayed work cancel for headset status The canceldelayedworksync call was missed, causing a use-after-free in corsairvoidremove...
UBUNTU-CVE-2025-21797
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Add missing delayed work cancel for headset status The canceldelayedworksync call was missed, causing a use-after-free in corsairvoidremove...
CVE-2025-21797 HID: corsair-void: Add missing delayed work cancel for headset status
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Add missing delayed work cancel for headset status The canceldelayedworksync call was missed, causing a use-after-free in corsairvoidremove...