4401 matches found
CVE-2026-64100
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix shrinker deadlock With PROVELOCKING on an Snapdragon X1 and VM reclaim pressure, we see: ====================================================== WARNING: possible circular locking dependency detected 7.0.0-debug+ 43...
CVE-2026-64095
In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: avoid double decrement of bla.numrequests The bla.numrequests is increased when no requestsent was in progress. And it is decremented in various places announcement was received, backbone is purged, periodic work...
CVE-2026-64068
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix missing locking around retry adding new subreqs Fix netfsretryreadsubrequests and netfsretrywritestream to take the appropriate lock when adding extra subrequests into stream-subrequests...
CVE-2026-64057
In the Linux kernel, the following vulnerability has been resolved: afs: Fix the locking used by afsgetlink The afs filesystem in the kernel doesn't do locking correctly for symbolic links. There are a number of problems: 1 It doesn't do any locking around afsreadsingle to prevent races between...
CVE-2026-64015
In the Linux kernel, the following vulnerability has been resolved: security/keys: fix missed RCU read section on lookup Nicholas Carlini reports that the keyring code calls assocarrayfind in findkeytoupdate without holding the RCU read lock, while the assocarraygc code really is designed around...
CVE-2026-64004
In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix locking in .getsockopt Mirror iucvsocksetsockopt and wrap the whole switch in locksock/releasesock. The pre-existing SOMSGLIMIT-only lock becomes redundant and is removed. Any AFIUCV HIPER user can potentially crash...
CVE-2026-63871 Bluetooth: ISO: Fix data-race on iso_pi fields in hci_get_route calls
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix data-race on isopi fields in hcigetroute calls isoconnectbis, isoconnectcis, isolistenbis, and isoconnbigsync call hcigetroute using isopisk-dst, isopisk-src, and isopisk-srctype without holding locksock. Thes...
CVE-2026-53388
In the Linux kernel, the following vulnerability has been resolved: fuse: re-lock request before replacing page cache folio fusetrymovefolio unlocks the request on entry but does not re-lock it on the success path. This means fusechanabort can end the request and free the fuseioargs eg...
CVE-2026-45334
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, the content-locking feature returned lock information without checking the requesting user's access permissions. Kirby's Panel includes a content-locking feature that records which user currently has a model...
CVE-2026-45334 Kirby: Content locks disclose IDs and emails of inaccessible users from `users.access/list` permissions
Kirby is an open-source content management system. In versions prior to 4.9.1 and 5.4.1, the content-locking feature returned lock information without checking the requesting user's access permissions. Kirby's Panel includes a content-locking feature that records which user currently has a model...
The vulnerability of the module_emit_plt_entry() function in the module arch/loongarch/kernel/module-sections.c, which is part of the LoongArch architecture support in the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the moduleemitpltentry function in the module arch/loongarch/kernel/module-sections.c, which is part of the LoongArch architecture support for the Linux operating system, is related to the occurrence of mutual locking. Exploiting this vulnerability could allow an attacker to...
SUSE CVE-2026-53049
In the Linux kernel, the following vulnerability has been resolved: gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding sdp-sdlogflushlock, but these functions require exclusion against concurrent...
PT-2026-55218
Name of the Vulnerable Software and Affected Versions goshs versions prior to 2.0.10 Description A race condition exists in the ShareHandler when processing share-link redemptions. The system reads the DownloadLimit of a share token using a read lock, releases it to serve the file, and only then...
Linux Distros Unpatched Vulnerability : CVE-2026-53054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm: Fix VMBIND UNMAP locking Wrong argument meant that the objs involved in UNMAP ops were not always getting locked. Since NOSHARE objs share a common res...
Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER
...
CVE-2026-54905
A flaw was found in concurrent-ruby. The Concurrent::ReentrantReadWriteLock component can incorrectly grant a write lock to a thread while other threads still hold or can acquire read locks. This occurs when a thread acquires a read lock 32,768 times, causing an internal counter to incorrectly...
CVE-2026-53054
A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically within the Qualcomm Adreno GPU MSM driver. An incorrect argument in the VMBIND UNMAP locking mechanism meant that certain objects involved in unmapping operations were not consistently locked. This could...
SUSE CVE-2026-53035
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix iter deadlock bpfiterunixseqshow may deadlock when locksockfast takes the fast path and the iter prog attempts to update a sockmap. Which ends up spinning at sockmapupdateelem's bhlocksock: WARNING:...
SUSE CVE-2026-53227
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible kfreeskb of ERRPTR After the patch in the "Fixes" tag, the allocation of the "reply" skb can happen either before or after locking the ovsmutex. However, error cleanups still follow the classical...
CVE-2026-53072
A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hciconnrequestevt function, particularly when the HCIPROTODEFER protocol is active, can result in a Use-After-Free UAF vulnerability. This condition arises when a connection object is accessed afte...