Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-52977

A flaw was found in the Linux kernel's futex Fast Userspace Mutexes subsystem. A race condition between two concurrent futex operations can lead to a system live lock. This occurs when a task attempting to exit early due to a signal or timeout becomes deadlocked while another task continuously...

5.5CVSS5.7AI score0.00172EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52977

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex: Prevent lockup in requeue-PI during signal/ timeout wakeup During wait-requeue-pi task A and requeue-PI task B the following race can happen: Task A Tas...

5.8AI score0.00172EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.18 views

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

7.8CVSS8.2AI score0.0071EPSS
Exploits7References506
SUSE Linux
SUSE Linux
added 2026/05/08 12:33 p.m.9 views

Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...

7.8CVSS6.8AI score0.96775EPSS
Exploits228References24
OSV
OSV
added 2026/05/06 11:4 a.m.6 views

SUSE-SU-2026:1708-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.6 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

7.8CVSS6.8AI score0.96775EPSS
Exploits228References13
OSV
OSV
added 2026/05/05 1:7 p.m.5 views

SUSE-SU-2026:21471-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI...

7.8CVSS6.8AI score0.96775EPSS
Exploits228References13
SUSE Linux
SUSE Linux
added 2026/05/05 6:34 a.m.7 views

Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during requeue-...

7.8CVSS6.8AI score0.96775EPSS
Exploits228References24
Cvelist
Cvelist
added 2026/04/02 11:40 a.m.21 views

CVE-2026-23415 futex: Fix UaF between futex_key_to_node_opt() and vma_replace_policy()

In the Linux kernel, the following vulnerability has been resolved: futex: Fix UaF between futexkeytonodeopt and vmareplacepolicy During futexkeytonodeopt execution, vma-vmpolicy is read under speculative mmap lock and RCU. Concurrently, mbind may call vmareplacepolicy which frees the old mempoli...

7.8CVSS0.00124EPSS
Exploits0References3
OSV
OSV
added 2026/02/24 9:10 a.m.5 views

SUSE-SU-2026:20498-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. - CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. ...

9.8CVSS7.1AI score0.00544EPSS
Exploits5References1096
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Siemens S7-1500 Use After Free (CVE-2025-39977)

"In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...

6.2AI score0.00188EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Futex: Do not leak the robustlist pointer during the exec race condition. The functions sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check whether the calling task is allowed to access another task’s...

5.7AI score0.00191EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/09 6:30 p.m.3 views

EUVD-2025-201861

In the Linux kernel, the following vulnerability has been resolved: futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access another task's robustlist pointer. This check is racy against a...

5.8AI score0.00191EPSS
Exploits0References6
CVE
CVE
added 2025/12/09 4:9 a.m.17 views

CVE-2025-40341

CVE-2025-40341 concerns a race in futex handling (robust_list) in the Linux kernel where sys_get_robust_list() and compat_get_robust_list() could leak a user process’s robust_list pointer across an exec() transition. The issue arises because ptrace_may_access() checks permissions before an exec()...

5.8AI score0.00191EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-39977

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue...

7.1AI score0.00188EPSS
Exploits0References3
OSV
OSV
added 2025/10/15 7:55 a.m.9 views

CVE-2025-39977 futex: Prevent use-after-free during requeue-PI

In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...

6.2AI score0.00188EPSS
Exploits0References8
CVE
CVE
added 2025/10/15 7:55 a.m.59 views

CVE-2025-39977

Summary (CVE-2025-39977): The Linux kernel fixes a race in futex_wait_requeue_pi that could enable a use-after-free of futex_q during requeue-PI wakeups. The issue arises when T1 is woken and the code path can leave futex_wait_requeue_pi() without using futex_q::lock_ptr for synchronization. The ...

6AI score0.00188EPSS
Exploits0References6
OSV
OSV
added 2021/04/13 8:41 p.m.13 views

USN-4910-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities

Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. CVE-2021-20239 It was discovered that the BPF verifier in the Linux...

7.8CVSS6.9AI score0.02417EPSS
Exploits1References6
Rows per page
Query Builder