107 matches found
PT-2025-14320 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the drm/xe/hmm component. The issue involves dereferencing struct page pointers without holding the notifier lock, whi...
CVE-2025-21801
In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravbopen, ravbclose and wol operations must be performed under the rtnl lock to preven...
CVE-2022-49333
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...
CVE-2022-49333 net/mlx5: E-Switch, pair only capable devices
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...
Azure Linux 3.0 Security Update: kernel (CVE-2024-38780)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38780 advisory. - In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don't enable IRQ from...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46750)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46750 advisory. - In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to...
CVE-2025-21672
In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...
CVE-2024-54460
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Fix circular lock in isolistenbis This fixes the circular locking dependency warning below, by releasing the socket lock before enterning isolistenbis, to avoid any potential deadlock with hdev lock. 75.307983...
PT-2025-34363
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists in the packet set ring and packet notifier functions within the net/packet module. This occurs when packet set ring releases po-bind lock, allowing another thre...
PT-2025-34411
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the hfsplus filesystem. Syzbot reported an issue where a mutex lock check in hfsplus free extents could trigger warnings and errors during...
CVE-2024-56592
In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the htab, it may hold the last reference of the map. bpfmapfdputptr will invoke bpfmapfreeid to free the id of the removed map element...
CVE-2024-56694
In the Linux kernel, the following vulnerability has been resolved: bpf: fix recursive lock when verdict program return SKPASS When the streamverdict program returns SKPASS, it places the received skb into its own receive queue, but a recursive lock eventually occurs, leading to an operating syst...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50245)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50245 advisory. - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix possible deadlock in mirea...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the sctpv6available function that may contain a post-release reuse issue due to not holding the rcu lock...
CLSA-2024-1731603213 Fix of 76 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcmsendmsg for the same socket. CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobjectuevent: Fix OOB access within zapmodaliasenv CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nftables: prefer...
Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001358 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-36899:...
CVE-2021-47449
In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e "ice: add lock around Tx timestamp tracker flush" added a lock around the Tx timestamp tracker flow which is used to cleanup any left over SKBs and prepare for...
PT-2024-24195 · Yealink · Yealink Vp59 Microsoft Teams Phone
Name of the Vulnerable Software and Affected Versions: Yealink VP59 Microsoft Teams Phone versions 91.15.0.118 through 122.15.0.141 Description: An issue allows a physically proximate attacker to disable the phone lock via the Walkie Talkie menu option. Recommendations: For Yealink VP59 Microsoft...
Important: thunderbird
Issue Overview: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. CVE-2024-1546 Through a series of API calls and...
CVE-2023-52524 net: nfc: llcp: Add lock when modifying device list
In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list needs its associated lock held when modifying it, or the list could become corrupted, as syzbot discovered...