25 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Locking external INTx masking operations Masking operations by changing the config space can potentially cause races with the INTx configuration changes made via ioctl. Create wrappers that add locking mechanisms for...
Astra Linux - уязвимость в linux, linux-5.10
A race condition was identified in the vtkioctl function within drivers/tty/vt/vtioctl.c in the Linux kernel. This may lead to an out-of-bounds read, as the write access to vcmode is not protected by a lock in vtioctl KDSETMDE. The primary threat of this vulnerability is data confidentiality...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Ensure that write operations are atomic. syzbot reported a NULL pointer dereference in genericfilewriteiter. Before the write operation is completed, the user executes ioctl to clear the compress flag of the file. This...
CVE-2026-23121
In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev-work dev-work can re read locklessly in mISDNread and mISDNpoll. Add READONCE/WRITEONCE annotations. BUG: KCSAN: data-race in mISDNioctl / mISDNread write to 0xffff88812d848280 of 4 bytes by...
CVE-2026-23121 mISDN: annotate data-race around dev->work
In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev-work dev-work can re read locklessly in mISDNread and mISDNpoll. Add READONCE/WRITEONCE annotations. BUG: KCSAN: data-race in mISDNioctl / mISDNread write to 0xffff88812d848280 of 4 bytes by...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001504)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001504 advisory. A race problem was seen in the vtkioctl in drivers/tty/vt/vtioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vcmode is...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992723)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992723 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first...
CVE-2025-68735
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUPCREATE ioctl function, which arose as pointer to the group is accessed in that ioctl function after...
Linux Distros Unpatched Vulnerability : CVE-2025-39826
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: rose: convert 'use' field to refcountt The 'use' field in struct roseneigh is used as a reference counter but lacks atomicity. This can lead to race...
AZL-67434 CVE-2025-39826 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcountt The 'use' field in struct roseneigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a roseneigh structure is freed while still being reference...
CVE-2025-39826
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcountt The 'use' field in struct roseneigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a roseneigh structure is freed while still being reference...
Linux Distros Unpatched Vulnerability : CVE-2023-51781
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 6.6.8. atalkioctl in net/appletalk/ddp.c has a use- after-free because of an atalkrecvmsg race condition...
Linux Distros Unpatched Vulnerability : CVE-2025-37806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-1520)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : cifs: Fix UAF in cifsdemultiplexthread.CVE-2023-52572 xsk: fix OOB map writes when deleting elementsCVE-2024-56614 net: defer final 'struct net'...
AZL-62702 CVE-2025-22111 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first and later forwarded to brioctlcall, which causes unnecessary RTNL dance and the splat below 0 under RTNL pressure. Let's say Thread A...
SUSE CVE-2016-0723
Race condition in the ttyioctl function in drivers/tty/ttyio.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service use-after-free and system crash by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl...
PT-2022-36532 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.300 Description: The issue is related to a misbehavior in the dm ioctl when list versions races with module loading. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-35789 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.262 Description: The issue is related to a race between quota enable and quota rescan ioctl in btrfs. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-5934
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.19.12 Description The issue is related to a race condition in the Linux kernel, specifically in the drivers/char/pcmcia/synclink cs.c file. This condition can lead to a use-after-free scenario if a physically...