40 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixing the deletion race condition A system crash occurs when using the debug kernel due to corruption of the link list. The cause of the link list corruption is that session deletion was allowed to occur twice...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fixed a use-after-free race condition for maps It is possible that before fastrpcfreemap is called, another thread may call fastrpcmaplookup and obtain a reference to a map that is about to be deleted. The function...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007044)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007044 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006750)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006750 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list...
CVE-2026-23393
A flaw was found in the Linux kernel's bridge Connectivity Fault Management CFM component. A race condition can occur during the deletion of a peer Maintenance Entity Group End Point MEP. This allows the brcfmframerx function to re-schedule a delayed work on a MEP object after it has been marked...
CVE-2026-23393
In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...
CVE-2026-25954
CVE-2026-25954 affects FreeRDP. The vulnerability arises in the RAIL path where xf_rail_get_window returns a pointer from the railWindows hash table that is freed by the main thread while the RAIL channel thread is still using it, allowing dereferencing of a freed xfAppWindow pointer. This race c...
CVE-2026-25953 FreeRDP has heap-use-after-free in xf_AppUpdateWindowFromSurface (freed appWindow)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...
CVE-2026-25952
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004957)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004957 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel If an exiting...
PT-2026-22009
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. Versions before 3.23.0 contain a flaw where the xf SetWindowMinMaxInfo function improperly dereferences a freed xfAppWindow pointer...
CVE-2025-12472
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...
CVE-2025-12472
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...
CVE-2025-12472 Remote Code Execution in Looker due to Improperly Validated Directory Deletion
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...
Google Cloud Looker 安全漏洞
Google Cloud Looker is an online tool from Google USA for transforming data into customizable and informative reports and dashboards. A security vulnerability exists in Google Cloud Looker that stems from the Looker Developer role that can manipulate LookML projects to take advantage of competing...
OESA-2025-2554 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than...
Linux Distros Unpatched Vulnerability : CVE-2023-53615
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to...
SUSE CVE-2023-53615
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trac...
CVE-2023-53615
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trac...
UBUNTU-CVE-2023-53615
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trac...