7 matches found
CVE-2026-53096
CVE-2026-53096 affects Linux kernel code path in BPF dev_map_redirect_multi() where DEVMAP_HASH uses hlist_for_each_entry_safe() under RCU protection. The function iterates hash buckets without rcu_dereference(), exposing risk of partially constructed nodes on weakly-ordered architectures (ARM64,...
CVE-2026-53096 bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path
In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but this function runs under RCU protection called from...
CVE-2026-43115
In the Linux kernel, the following vulnerability has been resolved: srcu: Use irqwork to start GP in tiny SRCU Tiny SRCU's srcugpstartifneeded directly calls schedulework, which acquires the workqueue pool-lock. This causes a lockdep splat when callsrcu is called with a scheduler lock held, due t...
SUSE CVE-2025-21684
In the Linux kernel, the following vulnerability has been resolved: gpio: xilinx: Convert gpiolock to raw spinlock irqchip functions may be called in raw spinlock context. Therefore, we must also use a raw spinlock for our own internal locking. This fixes the following lockdep splat: 5.349336...
kernel: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog()
CVE-2024-35892 is a vulnerability in the Linux kernel’s network scheduler caused by improper use of the qdisclookup function. This function assumes the global RTNL lock is held, but in the qdisctreereducebacklog function, only a local queue lock is used. This mismatch creates a race condition tha...
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-15020024194 fixes several issues. The following security issues were fixed: CVE-2021-47600: dm btree remove: fix use after free in rebalancechildren bsc1227472. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb:...
CVE-2023-6931
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perfevent's readsize can overflow, leading to an heap out-of-bounds increment or write in perfreadgroup. We recommend upgrading past commit...