21 matches found
EUVD-2026-32384
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...
CVE-2026-45918
CVE-2026-45918 concerns a race condition in the Linux kernel related to OpenVPN TCP handling. When a peer is kept alive and later removed, the kernel temporarily places the peer in a release list and detaches from the socket by restoring its proto and socket callbacks. If userspace closes the soc...
PT-2026-43785
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the OpenVPN implementation within the Linux kernel. When a peer is deleted due to keepalive expiration, it is moved to a release list for processing via the ov...
Linux Distros Unpatched Vulnerability : CVE-2026-43232
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fstcardinfo is deallocated in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987069)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987069 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug wh...
AZL-67563 CVE-2025-39863 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work The brcmfbtcoexdetach only shuts down the btcoex timer, if the flag timeron is false. However, the brcmfbtcoextimerfunc, which runs as timer handler, sets...
DEBIAN-CVE-2025-39863
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work The brcmfbtcoexdetach only shuts down the btcoex timer, if the flag timeron is false. However, the brcmfbtcoextimerfunc, which runs as timer handler, sets...
UBUNTU-CVE-2025-39863
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work The brcmfbtcoexdetach only shuts down the btcoex timer, if the flag timeron is false. However, the brcmfbtcoextimerfunc, which runs as timer handler, sets...
CVE-2025-39863 wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work The brcmfbtcoexdetach only shuts down the btcoex timer, if the flag timeron is false. However, the brcmfbtcoextimerfunc, which runs as timer handler, sets...
AZL-66860 CVE-2025-38687 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: comedi: fix race between polling and detaching syzbot reports a use-after-free in comedi in the below link, which is due to comedi gladly removing the allocated async area even though poll requests are still active on the...
UBUNTU-CVE-2025-38687
In the Linux kernel, the following vulnerability has been resolved: comedi: fix race between polling and detaching syzbot reports a use-after-free in comedi in the below link, which is due to comedi gladly removing the allocated async area even though poll requests are still active on the...
CVE-2025-38687 comedi: fix race between polling and detaching
In the Linux kernel, the following vulnerability has been resolved: comedi: fix race between polling and detaching syzbot reports a use-after-free in comedi in the below link, which is due to comedi gladly removing the allocated async area even though poll requests are still active on the...
CLSA-2025-1747430081 Fix of 50 CVEs
CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length CVE-url: https://ubuntu.com/security/CVE-2024-46745 - Input: uinput - reject requests with unreasonable number of slots CVE-url: https://ubuntu.com/security/CVE-2024-44952 - driver core: Fix ueventsho...
CVE-2025-22111 net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.
In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first and later forwarded to brioctlcall, which causes unnecessary RTNL dance and the splat below 0 under RTNL pressure. Let's say Thread A...
DEBIAN-CVE-2022-49059
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...
CVE-2024-50260 sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()
In the Linux kernel, the following vulnerability has been resolved: sockmap: fix a NULL pointer dereference in sockmaplinkupdateprog The following race condition could trigger a NULL pointer dereference: sockmaplinkdetach: sockmaplinkupdateprog: mutexlock&sockmapmutex; ... sockmaplink-map = NULL;...
CVE-2024-44952
...
CVE-2024-44952
CVE-2024-44952 is associated with Siemens SCALANCE and RUGGEDCOM devices (OT environment). The issue is described as an improper locking that could lead to a deadlock in driver core during device detachment/attribute handling. The cited advisory fixes the problem by using synchronize_rcu() to pre...
SUSE CVE-2022-44032
An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open, aka a race condition between cmmopen and cm4000detach...
An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open() aka a race condition between cmm_open() and cm4000_detach().
...