Lucene search
+L

239 matches found

Vulnrichment
Vulnrichment
added 2025/10/01 7:44 a.m.3 views

CVE-2025-39908 net: dev_ioctl: take ops lock in hwtstamp lower paths

In the Linux kernel, the following vulnerability has been resolved: net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths consistent with the rest of ndo invocations. Kernel log: WARNING: CPU: 13...

6AI score0.00119EPSS
Exploits0References2
CVE
CVE
added 2025/10/01 7:44 a.m.18 views

CVE-2025-39908

CVE-2025-39908 : The Linux kernel vulnerability relates to the net: dev_ioctl: take ops lock in hwtstamp lower paths. The issue stems from hwtstamp callbacks not consistently running under the per-device ops lock in lower get/set paths; a patch in progress converts legacy ioctl flows to ndo_hwtst...

5.5CVSS6AI score0.00119EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/10/01 7:44 a.m.5 views

CVE-2025-39908 net: dev_ioctl: take ops lock in hwtstamp lower paths

In the Linux kernel, the following vulnerability has been resolved: net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths consistent with the rest of ndo invocations. Kernel log: WARNING: CPU: 13...

5.5CVSS6.1AI score0.00119EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/01 7:44 a.m.12 views

CVE-2025-39908 net: dev_ioctl: take ops lock in hwtstamp lower paths

In the Linux kernel, the following vulnerability has been resolved: net: devioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the per-device ops lock. Make the lower get/set paths consistent with the rest of ndo invocations. Kernel log: WARNING: CPU: 13...

0.00119EPSS
Exploits0References2
OSV
OSV
added 2025/10/01 7:44 a.m.4 views

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl-phydev writes with resolver Currently phylinkresolve protects itself against concurrent phylinkbringupphy or phylinkdisconnectphy calls which modify pl-phydev by relying on...

7CVSS6.2AI score0.00102EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.4 views

PT-2025-40082

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to hardware timestamping hwtstamp within network device operations. Specifically, the issue involves failing to properly acquire the operations...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References16
NVD
NVD
added 2025/09/23 6:15 a.m.7 views

CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS0.00119EPSS
Exploits0References2
OSV
OSV
added 2025/09/23 6:15 a.m.4 views

DEBIAN-CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS5.4AI score0.00119EPSS
Exploits0References1
OSV
OSV
added 2025/09/23 6:15 a.m.4 views

UBUNTU-CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References5
OSV
OSV
added 2025/09/23 6:15 a.m.5 views

UBUNTU-CVE-2025-39872

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

5.5CVSS5.7AI score0.00134EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/09/23 6:0 a.m.11 views

CVE-2025-39874 macsec: sync features on RTM_NEWLINK

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

0.00119EPSS
Exploits0References2
CVE
CVE
added 2025/09/23 6:0 a.m.23 views

CVE-2025-39874

CVE-2025-39874 - Linux kernel macsec feature synchronization race : The issue occurs in macsec feature updates where lower (real) and upper device feature states can become out of sync during ETHTOOL_SFEATURES handling, potentially causing a lock in the lower device while updating features. The r...

5.5CVSS6.1AI score0.00119EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/09/23 6:0 a.m.25 views

CVE-2025-39872

Summary (CVE-2025-39872) : The vulnerability affects the Linux kernel’s hsr code path. The bug arises in hsr_get_port_ndev, where hsr_for_each_port requires an RCU lock while the caller later needs a valid device reference, creating a UaF risk. Documents from Red Hat, Debian, and OSS/OSV portals ...

5.5CVSS6.1AI score0.00134EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/09/23 6:0 a.m.7 views

CVE-2025-39872 hsr: hold rcu and dev lock for hsr_get_port_ndev

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

0.00134EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/09/23 6:0 a.m.5 views

CVE-2025-39872

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

5.5CVSS5.4AI score0.00134EPSS
Exploits0
CNNVD
CNNVD
added 2025/09/23 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from hsrgetportndev not holding the rcu lock and device lock correctly, which could lead to reuse after release...

5.5CVSS6.1AI score0.00134EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 5:15 p.m.3 views

DEBIAN-CVE-2022-50339

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

7CVSS6.1AI score0.00098EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.4 views

PT-2025-38008

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt init hdev function due to the lack of serialization via hc...

5.8AI score0.00098EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.6 views

PT-2025-39131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to MACsec feature synchronization on RTM NEWLINK events. Syzkaller identified a condition where the lower network device could become locked when...

5.5CVSS6.1AI score0.00119EPSS
Exploits0References18
NVD
NVD
added 2025/09/07 4:15 p.m.8 views

CVE-2025-39733

In the Linux kernel, the following vulnerability has been resolved: team: replace team lock with rtnl lock syszbot reports various ordering issues for lower instance locks and team lock. Switch to using rtnl lock for protecting team device, similar to bonding. Based on the patch by Tetsuo Handa...

5.5CVSS0.00134EPSS
Exploits0References3
Rows per page
Query Builder