21 matches found
SUSE CVE-2026-45949
In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...
UBUNTU-CVE-2026-45949
In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfsd: Check that the server is running in unlockfilesystem. If we try to unlock the filesystem via an administrative interface, and nfsd is not running, it will cause the server to crash. This occurs currently because the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: Fixed a use-after-free of the addlock mutex Commit 6098475d4cb4 “spi: Fixed a deadlock when adding SPI controllers on SPI buses” introduced a per-controller mutex. However, the mutexunlock call for that lock occurs after the...
CVE-2025-71074
The CVE-2025-71074 issue affects Linux kernel functionfs, where open/removal races can leave file->private_data as a freed object, causing UAF on read/write. Root cause: ffs->opened is misused; synchronization via atomic_dec_and_test() is insufficient. The fix approach, as documented, is to...
CVE-2025-68800 mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992512)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992512 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling...
CVE-2025-68732
The CVE-2025-68732 entry refers to a Linux kernel vulnerability fixed in the gpu: host1x subsystem. The root cause was a race between host1x_syncpt_alloc() and host1x_syncpt_put(), mitigated by switching to kref_put_mutex() so the refcount drop to zero cannot race with syncpt_release acquiring th...
PT-2025-52925
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition existed between the host1x syncpt alloc and host1x syncpt put functions. The issue was addressed by utilizing kref put mutex instead of kref put combined with manual mut...
kernel: Bluetooth: L2CAP: Fix user-after-free
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...
Linux Distros Unpatched Vulnerability : CVE-2025-68292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed,...
kernel: Bluetooth: L2CAP: Fix user-after-free
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988998)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988998 advisory. In the Linux kernel, the following vulnerability has been resolved: schcake: do not call cakedestroy from cakeinit qdiscs are not supposed to call their own destroy...
CVE-2022-50386
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...
Linux Distros Unpatched Vulnerability : CVE-2025-21986
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: switchdev: Convert blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chai...
CVE-2025-38392 idpf: convert control queue mutex to a spinlock
In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2CAPMACFILTER enabled, the following warning is generated on module load: 324.701677 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578...
CVE-2025-38353
CVE-2025-38353: Linux kernel drm/xe wedge handling fix. Affected component: xe DRM path. Root cause: taking an invalid wedge lock when device wedges on GuC upload, leaving state uninitialized and submission not enabled. Impact: device wedged with recovery required; observed WARN/lock debugging ou...
UBUNTU-CVE-2025-38349
In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and then doing a mutexunlock&ep-mtx; afterwards. That's very wrong, because it can lead to a...
UBUNTU-CVE-2022-50035
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free on amdgpubolist mutex If amdgpucsvmhandling returns r != 0, then it will unlock the bolistmutex inside the function amdgpucsvmhandling and again on amdgpucsparserfini. This problem results in the...
UBUNTU-CVE-2022-49606
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qosmutex to process RoCEv2 QP's on netdev events causes a kernel splat. Fix this by removing the handling for RoCEv2 in irdmacmteardownconnections that uses the mutex. Thi...