CVE-2026-45907 net/mlx5e: Fix deadlocks between devlink and netdev instance locks

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlocks between devlink and netdev instance locks In the mentioned "Fixes" commit, various work tasks triggering devlink health reporter recovery were switched to use netdevtrylock to protect against concurrent...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: 1.211455 ============================================ 1.211571 WARNING: possible recursive locking detected 1.21168...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021651 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: hfsplus: removed the mutexlock check in hfsplusfreeextents Syzbot reported an issue with the hfsplus filesystem: ------------ Cut here --- WARNING: CPU: 0 PID: 4400 at fs/hfsplus/extents.c:346 hfsplusfreeextents+0x700/0xad0 Ca...

CVE-2026-36957

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

CVE-2026-36957

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

CVE-2026-36957

The affected device is the Dbit Router, firmware V1.0.0 (Dbit N300 T1 Pro Easy Setup Wireless Wi‑Fi Router). The vulnerability is in the Boa web server URI handler, which can be exploited by sending a high-volume flood of HTTP GET requests to non-existent URIs, causing resource exhaustion (file d...

Dbit N300 T1 Pro 资源管理错误漏洞

The Dbit N300 T1 Pro is a wireless router device produced by the Dbit company. The Dbit N300 T1 Pro V1.0.0 version has a resource management vulnerability. This vulnerability stems from a denial-of-service attack in the boa Web server URI handler, which could allow attackers to exhaust system...

Exploit for CVE-2026-36957

CVE-2026-36957: Denial of Service via HTTP Flood on Boa Web Se...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-007581)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007581 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externellb and reset are executed together When externellb and...

SUSE CVE-2026-23357

In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251xopen The mcp251xopen function call freeirq in its error path with the mpclock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpclo...

CVE-2026-23186 hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify()

In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fix deadlocks related to acpipowermeternotify The acpipowermeter driver's .notify callback function, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks in sysfs...

UBUNTU-CVE-2026-23165

In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the netdevice's rsslock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...

MiracleLinux 9 : kernel-5.14.0-503.35.1.el9_5 (AXSA:2025-9843:26)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9843:26 advisory. kernel: md: fix deadlock between mddevsuspend and flush bio CVE-2024-43855 Tenable has extracted the preceding description block directly from the MiracleLin...

kernel: mm: slub: avoid wake up kswapd in set_track_prepare

A deadlock lock recursion vulnerability exists in the linux kernel such that when CONFIGDEBUGOBJECTSTIMERS is set, may wake up kswapd in settrackprepare, and try to hold the percpuhrtimerbases lock...

UBUNTU-CVE-2023-54113

In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke callrcu, will dump rcuhead objects memory info, if the objects is not allocated from the slab allocator, the vmallocdumpobj will be invoke and the vmaparealock...

PT-2025-52957

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to a deadlock issue within the hns3 network driver. This issue occurs when the externel lb function and a reset operation are executed...

CVE-2025-68244

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990459)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990459 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: tty: serial: Fix deadlock in sa1100settermios There is a deadlock in sa1100settermios,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989766 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix deadlock in concurrent rename whiteout and inode writeback Following hung tasks:...