Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/client: The modes array contains pointers to modes in the connector’s mode lists, which are protected by dev-modeconfig.mutex. Therefore, we need to extend the protection for modes in the same way; otherwise, by the time we u...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: In the zone operation, the code must traverse devices under the chunkmutex in btrfscanactivatezone. The btrfscanactivatezone function can be called with the devicelistmutex already held, which could lead to a deadlock. ...

kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

CVE-2025-68800 mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...

regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex

...

SUSE CVE-2025-68354

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

CVE-2025-68354

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

CVE-2025-68354

CVE-2025-68354 affects the Linux kernel regulator core. The vulnerability occurred because regulator_supply_alias_list was accessed without locking during regulator_supply_alias(), regulator_register_supply_alias(), and regulator_unregister_supply_alias(), allowing race conditions that could caus...

EUVD-2022-55306

Malicious code in bioql PyPI...

CVE-2025-38117 Bluetooth: MGMT: Protect mgmt_pending list with its own lock

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmtpending list with its own lock This uses a mutex to protect from concurrent access of mgmtpending list which can cause crashes like: ==================================================================...

DEBIAN-CVE-2022-49079

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: traverse devices under chunkmutex in btrfscanactivatezone btrfscanactivatezone can be called with the devicelistmutex already held, which will lead to a deadlock: insertdevextents // Takes devicelistmutex -...

CVE-2022-49079

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: traverse devices under chunkmutex in btrfscanactivatezone btrfscanactivatezone can be called with the devicelistmutex already held, which will lead to a deadlock: insertdevextents // Takes devicelistmutex -...

UBUNTU-CVE-2022-49079

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: traverse devices under chunkmutex in btrfscanactivatezone btrfscanactivatezone can be called with the devicelistmutex already held, which will lead to a deadlock: insertdevextents // Takes devicelistmutex -...

AZL-55771 CVE-2024-54683 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: IDLETIMER: Fix for possible ABBA deadlock Deletion of the last rule referencing a given idletimer may happen at the same time as a read of its file in sysfs: | ====================================================== |...

kernel: drm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free on amdgpubolist mutex If amdgpucsvmhandling returns r != 0, then it will unlock the bolistmutex inside the function amdgpucsvmhandling and again on amdgpucsparserfini. This problem results in the...

Ubuntu 18.04 LTS : atftpd vulnerabilities (USN-4540-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4540-1 advisory. Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause...