42 matches found
PT-2025-38195
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential data race condition was identified within the rxrpc wait to be connected function in the Linux kernel. The issue arises from accessing call-error within a loop without first...
Linux Distros Unpatched Vulnerability : CVE-2023-53329
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq-stats increment KCSAN has discovered a data race in...
CVE-2023-53329
In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq-stats increment KCSAN has discovered a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-race i...
DEBIAN-CVE-2023-53329
In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq-stats increment KCSAN has discovered a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-race i...
CVE-2023-53329 workqueue: fix data race with the pwq->stats[] increment
In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq-stats increment KCSAN has discovered a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-race i...
CVE-2023-53329 workqueue: fix data race with the pwq->stats[] increment
In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq-stats increment KCSAN has discovered a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-race i...
PT-2025-38047
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.5.0-rc6+ through 6.5.0-rc7-kcsan-00169-g81eaf55a60fc Description: A data race exists in the Linux kernel's workqueue functionality, specifically related to the incrementing of pwq-stats. Kernel Concurrency Sanitizer...
virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN
...
CVE-2025-38037
In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as 1. Can be reproduced using 2. Suppress these reports by...
DEBIAN-CVE-2025-38037
In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races The 'used' and 'updated' fields in the FDB entry structure can be accessed concurrently by multiple threads, leading to reports such as 1. Can be reproduced using 2. Suppress these reports by...
CVE-2025-38037
The CVE-2025-38037 issue affects the Linux kernel’s VXLAN FDB handling. The root cause is a data race where the FDB entry’s fields used and updated may be concurrently accessed by multiple threads, triggering KCSAN reports in vxlan_xmit paths. The fix is to annotate these accesses with READ_ONCE(...
PT-2025-20333
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data-race issue has been identified in the Linux kernel related to io uring. The issue arises when the request owner changes other flag bits, causing KCSAN to complain. The problem...
AZL-68621 CVE-2022-49420 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...
PT-2025-52664
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.111 Description The Linux kernel contains a data race condition within the do raw write lock function, specifically related to spinlock debugging. Kernel Concurrency Sanitizer KCSAN has identified a race...
DEBIAN-CVE-2024-56610
In the Linux kernel, the following vulnerability has been resolved: kcsan: Turn reportfilterlistlock into a rawspinlock Ran Xiaokai reports that with a KCSAN-enabled PREEMPTRT kernel, we can see splats like: | BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:48 |...
CVE-2024-53160
In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...
CVE-2024-53160
In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...
CVE-2024-53160 rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu
In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...
CVE-2024-36938 bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in skpsockskbingressenqueue Fix NULL pointer data-races in skpsockskbingressenqueue which syzbot reported 1. 1 BUG: KCSAN: data-race in skpsockdrop / skpsockskbingressenqueue write to...
CVE-2023-52578
CVE-2023-52578 affects the Linux kernel, specifically in the bridge code path (net/bridge) where br_handle_frame_finish() can race across CPUs, risking data races on dev->stats fields. The fix adopts SMP-safe DEV_STATS_INC() to update dev->stats (including tx_dropped) safely across CPUs, mi...