40 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemapgetreadbatch. If a read race occurs with an invalidation followed by another read, it is possible for a folio to be replaced with a higher-order folio. If this happens, we will see a...
EUVD-2026-26649
In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...
Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities
Summary Multiple security vulnerabilities in the dependent components have been addressed in the latest update to IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2025-39697 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updati...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000759)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000759 advisory. Race condition in the keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service memory...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001754)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001754 advisory. A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty fi...
EUVD-2007-4755
Malware in sbrugna...
EUVD-2019-6004
Malware in sbrugna...
EUVD-2014-9741
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987096)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987096 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpprobethreshold. While reading sysctltcpprobethreshold, it ca...
UBUNTU-CVE-2022-50339
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...
CVE-2025-38132 coresight: holding cscfg_csdev_lock while removing cscfg from csdev
In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfgcsdevlock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 perf enable load module cscfgloadconfigsets activate config. // sysfs sysactivecnt == 1...
CVE-2022-50202 PM: hibernate: defer device probing when resuming from hibernation
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: defer device probing when resuming from hibernation syzbot is reporting hung task at miscopen 1, for there is a race window of AB-BA deadlock which involves probecount variable. Currently waitfordeviceprobe from...
CVE-2022-49814 kcm: close race conditions on sk_receive_queue
In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...
CVE-2022-49089 IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...
CVE-2022-49089
In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvterrorqp to prevent a race condition The documentation of the function rvterrorqp says both rlock and slock need to be held when calling that function. It also asserts using lockdep that both of...
USN-6896-5 linux-aws, linux-aws-5.4, linux-iot vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
CVE-2023-52480 ksmbd: fix race condition between session lookup and expire
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbdsessionlookup | smb2sesssetup sess = xaload | | | xaerase&conn-sessions, sess-id; | | ksmbdsessiondestroysess -- kfreesess | // UAF! |...
CVE-2024-24858 Race condition vulnerability in Linux kernel net/bluetooth in {conn,adv}_{min,max}_interval_set()
A race condition was found in the Linux kernel's net/bluetooth in conn,advmin,maxintervalset function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service...