Linux Distros Unpatched Vulnerability : CVE-2026-43415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013065)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013065 advisory. In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007417)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007417 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006782)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006782 advisory. In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in...

UBUNTU-CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

EUVD-2026-10575

In the Linux kernel, the following vulnerability has been resolved: tls: Fix race condition in tlsswcancelworktx This issue was discovered during a code audit. After canceldelayedworksync is called from tlsskprotoclose, txworkhandler can still be scheduled from paths such as the Delayed ACK handl...

CVE-2026-23240 tls: Fix race condition in tls_sw_cancel_work_tx()

In the Linux kernel, the following vulnerability has been resolved: tls: Fix race condition in tlsswcancelworktx This issue was discovered during a code audit. After canceldelayedworksync is called from tlsskprotoclose, txworkhandler can still be scheduled from paths such as the Delayed ACK handl...

CVE-2025-68822

A use-after-free flaw was found in the Linux kernel's ALPS touchpad driver. A race condition exists between device disconnection and the dev3registerwork delayed work item. During disconnect, the alpsdata structure can be freed while the delayed work is still executing, causing the work function ...

UBUNTU-CVE-2025-68324

In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'immtq' is initialized in immattach and scheduled via immqueuecommand for processing SCSI commands. When the IMM parallel port SCSI host...

CVE-2025-68324

In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'immtq' is initialized in immattach and scheduled via immqueuecommand for processing SCSI commands. When the IMM parallel port SCSI host...

CVE-2025-40001

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...

EUVD-2025-34988

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...

CVE-2025-40001

CVE-2025-40001 affects the Linux kernel SCSI mvsas driver. During Marvell SAS/SATA controller detach, the code calls cancel_delayed_work() for mwq->work_q. If the delayed work is already running, cancellation may fail, causing a use-after-free of mvs_info after free in mvs_free(), while mvs_wo...

CVE-2025-40001

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...

AZL-68510 CVE-2025-39994 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...

CVE-2025-39994 media: tuner: xc5000: Fix use-after-free in xc5000_release

In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...

EUVD-2025-32383

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

AZL-75170 CVE-2025-39945 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...

CVE-2025-39945 cnic: Fix use-after-free bugs in cnic_delete_task

In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in cniccmstopbnx2xhw, which does not guarantee that the delayed work item 'deletetask' has fully completed if it was already running...