45 matches found
EUVD-2025-205214
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...
CVE-2025-68748
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...
UBUNTU-CVE-2025-68748
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...
CVE-2025-68748 drm/panthor: Fix UAF race between device unplug and FW event processing
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...
CVE-2025-68748
CVE-2025-68748 concerns a Linux kernel UAF race in the DRM panthor component, where panthor_fw_unplug() frees FW memory while pending FW events may still be handled, leading to use-after-free. The fix, as described in the connected sources, is to call disable_work_sync() to drain and prevent furt...
Linux Distros Unpatched Vulnerability : CVE-2025-68748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there...
PT-2025-53014
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel’s Panthor DRM driver contains a use-after-free issue. The panthor fw unplug function frees firmware memory sections, but pending firmware events may still be processing ...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net:kcm: A race condition was fixed in kcmunattach. syzbot identified a race condition when kcmunattachpsock and kcmreleasekcm are executed simultaneously. The kcmunattach function lacks a check for the kcm-txstopped flag before...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevents recovery work from being queued during device removal. Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new recovery work items can be queued after device removal has started...
Linux Distros Unpatched Vulnerability : CVE-2025-39896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new...
smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)
...
EUVD-2025-26752
Malicious code in bioql PyPI...
SUSE CVE-2025-39896
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new recovery work items can be queued after device removal has started...
CVE-2025-39896
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new recovery work items can be queued after device removal has started...
UBUNTU-CVE-2025-39896
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new recovery work items can be queued after device removal has started...
CVE-2025-39896 accel/ivpu: Prevent recovery work from being queued during device removal
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new recovery work items can be queued after device removal has started...
SUSE CVE-2025-38717
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
DEBIAN-CVE-2025-38717
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
AZL-66887 CVE-2025-38717 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
AZL-70783 CVE-2025-38717 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...