CVE-2021-41225

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the trainnodes vector obtained from the saved model that gets optimized does not contain a Dequeue node, then dequeuenode is left unitialized. The...

kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993039)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993039 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: change place of 'privep' assignment in cdns3gadgetepdequeue, cdns3gadgetepenable If...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993277 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need t...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993168)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993168 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: clear outcurr if all frag chunks of current msg are pruned A crash was reported by Zhen Che...

EUVD-2023-60516

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fortify the spinlock against deadlock by interrupt In the function ieee80211txdequeue there is a particular locking sequence: begin: spinlock&local-queuestopreasonlock; qstopped = local-queuestopreasonsq;...

CVE-2023-54288

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fortify the spinlock against deadlock by interrupt In the function ieee80211txdequeue there is a particular locking sequence: begin: spinlock&local-queuestopreasonlock; qstopped = local-queuestopreasonsq;...

CVE-2023-54288

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fortify the spinlock against deadlock by interrupt In the function ieee80211txdequeue there is a particular locking sequence: begin: spinlock&local-queuestopreasonlock; qstopped = local-queuestopreasonsq;...

CVE-2023-54288 wifi: mac80211: fortify the spinlock against deadlock by interrupt

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fortify the spinlock against deadlock by interrupt In the function ieee80211txdequeue there is a particular locking sequence: begin: spinlock&local-queuestopreasonlock; qstopped = local-queuestopreasonsq;...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992641)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992641 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a potential UAF in hfscdequeue too Similarly to the previous patch, we need t...

UBUNTU-CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

CVE-2025-40318 Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix race in hcicmdsyncdequeueonce hcicmdsyncdequeueonce does lookup and then cancel the entry under two separate lock sections. Meanwhile, hcicmdsyncwork can also delete the same entry, leading to double listd...

CVE-2025-40318

CVE-2025-40318 : In the Linux kernel, Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once. The root cause was a race between hci_cmd_sync_dequeue_once() performing a lookup then cancel under one lock section while hci_cmd_sync_work() could also delete the same entry, causing a double list_...

kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...

kernel: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree

In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...

kernel: sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash

In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...

CLSA-2025-1762538077 dpdk: Fix of CVE-2024-11614

CVE-2024-11614: add bounds check in vhostdequeueoffload to prevent checksum computation overflow...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989409 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schets: don't peek at classes beyond 'nbands' when the number of DRR classes decreases...

net/sched: sch_qfq: Fix null-deref in agg_dequeue

...