Lucene search
K

232 matches found

Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.1 views

PT-2026-2600

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock situation can occur between nfc unregister device and rfkill fop write functions due to an inversion of lock ordering between device lock and rfkill global mutex. Specifically...

5.5CVSS5.4AI score0.00089EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/01/12 9:30 a.m.3 views

kernel: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

A flaw was found in the Linux kernel’s phylink subsystem: when phylinkresolve executes while pl-statemutex is held, it may acquire pl-phydev-lock out of order relative to other paths phylinkbringupphy or phylinkdisconnectphy that acquire pl-phydev-lock prior to pl-statemutex. This lock inversion...

7CVSS5.8AI score0.00102EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-20447

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The driver override show function in the Linux kernel can experience a use-after-free condition. This occurs because the function reads the driver override string without acquiring the...

7.8CVSS5.4AI score0.00121EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/31 12:29 a.m.4 views

SUSE CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2025/12/31 12:25 a.m.4 views

SUSE CVE-2023-54324

In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrievedeps There's a race condition in the multipath target when retrievedeps races with multipathmessage calling dmgetdevice and dmputdevice. retrievedeps walks the list of open devices without...

6.3CVSS6.5AI score0.00169EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992930)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992930 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in driverattach In driverattach function, There are also AA...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.4 views

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

5.7AI score0.00166EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/16 6:31 p.m.5 views

EUVD-2025-203775

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

5.9AI score0.00156EPSS
Exploits0References5
NVD
NVD
added 2025/12/16 4:16 p.m.7 views

CVE-2025-68310

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery: Acquire just devicelock instead of pcidevlock as...

0.0016EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/16 4:16 p.m.4 views

CVE-2025-68310

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery: Acquire just devicelock instead of pcidevlock as...

5.8AI score0.0016EPSS
Exploits0References22
OSV
OSV
added 2025/12/16 4:16 p.m.6 views

UBUNTU-CVE-2025-68310

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery: Acquire just devicelock instead of pcidevlock as...

5.8AI score0.0016EPSS
Exploits0References23
OSV
OSV
added 2025/12/16 4:16 p.m.5 views

UBUNTU-CVE-2025-68305

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

5.7AI score0.00156EPSS
Exploits0References23
CVE
CVE
added 2025/12/16 3:39 p.m.15 views

CVE-2025-68310

CVE-2025-68310 : Linux kernel fix for a deadlock between PCI error recovery and mlx5 crdump on s390. The patch avoids blocking PCI config accesses by PCI error recovery code by acquiring only device_lock() (not pci_dev_lock()), preventing hangs in mlx5_health_unload and crdump collection when PCI...

6.1AI score0.0016EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/16 3:6 p.m.29 views

CVE-2025-68305 Bluetooth: hci_sock: Prevent race in socket write iter and sock bind

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

0.00156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/16 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-68194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First...

6.2AI score0.00177EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/17 9:52 a.m.4 views

kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

5.8AI score0.00168EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989312 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pcidevlock AB/BA deadlock with sriovnumvfsstore The sysfs sriovnumvfsstore path acquir...

5.5CVSS5.8AI score0.0021EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989948)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989948 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Avoid pcidevlock AB/BA deadlock with sriovnumvfsstore The sysfs sriovnumvfsstore path acquir...

5.5CVSS5.8AI score0.0021EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/04 1:17 a.m.12 views

CVE-2025-43460

A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locked device may be able to view sensitive user information...

0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/08 5:2 a.m.5 views

EUVD-2025-31843

A security flaw has been discovered in itsourcecode Leave Management System 1.0. This impacts the function redirect of the file /module/employee/controller.php?action=reset of the component Query Parameter Handler. Performing manipulation of the argument ID results in cross site scripting. It is...

5.1CVSS3.6AI score0.00264EPSS
Exploits1References7
Rows per page
Query Builder