CVE-2026-45849

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...

CVE-2025-71309 fs/ntfs3: fix deadlock in ni_read_folio_cmpr

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now nireadfoliocmpr. This is caused by a lock inversion deadlock involving the inode mutex nilock and page locks. Scenario: 1. Task A enters...

CVE-2025-71309

CVE-2025-71309 describes a deadlock in the Linux kernel ntfs3 code where an inode mutex (ni_lock) and per-page locks can invert order, causing a hang in ntfs_read_folio() / ni_read_folio_cmpr() during frame reads. The root cause is locking order: taking ni_lock in ntfs_read_folio() before acquiri...

CVE-2025-68711

AppLockZ App Lock and Fingerprint Lock applock.passwordfingerprint.applockz 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface...

CVE-2025-68708

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

CVE-2026-46093

mm/vmalloc: take vmappurgelock in shrinker...

PT-2026-43902

In the Linux kernel, the following vulnerability has been resolved: mm/page alloc: return NULL early from alloc frozen pages nolock in NMI on UP On UP kernels !CONFIG SMP, spin trylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, alloc frozen pages...

CVE-2026-45849

net: mscc: ocelot: add missing lock protection in ocelotportxmitinj...

PT-2026-43692

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in ni read folio cmpr Syzbot reported a task hung in ni readpage cmpr now ni read folio cmpr. This is caused by a lock inversion deadlock involving the inode mutex ni lock and page locks. Scenario: 1. Task ...

PT-2026-43809

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4 mb complex scan group:2508: gro...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the recursive locking of the pcilockrescanremove lock during EEH event handling. This locking...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the shrinker path of mm/vmalloc not acquiring the vmappurgelock lock. This could lead to...

PT-2026-43961

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmap purge lock in shrinker decay va pool node can be invoked concurrently from two paths: purge vmap area lazy when pools are being purged, and the shrinker via vmap node shrink scan. However, decay va pool node...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of injection group lock protection in the ocelotportxmitinj function of the net mscc ocelot...

CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

PT-2026-43774

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlocks between devlink and netdev instance locks In the mentioned "Fixes" commit, various work tasks triggering devlink health reporter recovery were switched to use netdev trylock to protect against concurrent...

PT-2026-43875

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damos walk vs kdamond fn exit race When kdamond fn main loop is finished, the function cancels remaining damos walk request and unset the damon ctx-kdamond so that API callers and API functions themselves can...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from certain incorrect paths in ksmbd that do not invoke the ksmbdvfskernpathendremoving function. Thi...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a deadlock caused by the jbd2journalcancelrevoke function in jbd2. This issue may lead to an ABBA...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the retryalignedread function in md/raid5, causing a soft lock. This vulnerability may lead to an...