588 matches found
kernel: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock
A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
kernel: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock
A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
kernel: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock
A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
SUSE-SU-2026:2722-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3registerwor...
SUSE-SU-2026:22436-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...
SUSE-SU-2026:22509-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.30.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
SUSE-SU-2026:22508-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.32.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
SUSE-SU-2026:22507-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay...
Linux Distros Unpatched Vulnerability : CVE-2026-52973
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing...
Linux Distros Unpatched Vulnerability : CVE-2026-53163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - locking/rtmutex: Skip removewaiter when waiter is not enqueued syzbot triggered the following splat in removewaiter via FUTEXCMPREQUEUEPI: KASAN: null-ptr-deref...
Linux Distros Unpatched Vulnerability : CVE-2026-53166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex/requeue: Prevent NULL pointer dereference in removewaiter on self-deadlock When FUTEXCMPREQUEUEPI requeues a non-top waiter that already owns the target P...
futex: Prevent lockup in requeue-PI during signal/ timeout wakeup
...
CVE-2026-52977
A flaw was found in the Linux kernel's futex Fast Userspace Mutexes subsystem. A race condition between two concurrent futex operations can lead to a system live lock. This occurs when a task attempting to exit early due to a signal or timeout becomes deadlocked while another task continuously...
CVE-2026-53163
A flaw was found in the Linux kernel's rtmutex locking mechanism. A local attacker could trigger a null-pointer dereference by using the FUTEXCMPREQUEUEPI operation. This vulnerability occurs because the removewaiter function is called when the waiter is not properly enqueued, leading to a system...
SUSE-SU-2026:22288-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...
SUSE-SU-2026:22391-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.31.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...