4329 matches found
CVE-2023-53095 drm/ttm: Fix a NULL pointer dereference
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix a NULL pointer dereference The LRU mechanism may look up a resource in the process of being removed from an object. The locking rules here are a bit unclear but it looks currently like res-bo assignment is protected ...
The vulnerability of the ocfs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the ocfs2 component in the Linux operating system is related to improper locking mechanisms. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2022-49931 IB/hfi1: Correctly move list in sc_disable()
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Correctly move list in scdisable Commit 13bac861952a "IB/hfi1: Fix abba locking issue with scdisable" incorrectly tries to move a list from one list head to another. The result is a kernel crash. The crash is triggered...
CVE-2025-23163
In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: 1.211455 ============================================ 1.211571 WARNING: possible recursive locking detected 1.21168...
DEBIAN-CVE-2025-23163
In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: 1.211455 ============================================ 1.211571 WARNING: possible recursive locking detected 1.21168...
CVE-2025-23163
CVE-2025-23163 relates to a Linux kernel issue in VLAN handling: net: vlan: don't propagate flags on open. The root cause is a possible deadlock when opening VLAN devices due to the device instance lock, where a task may try to acquire dev->lock while already holding it (seen in dev_open + dev...
CVE-2025-23163 net: vlan: don't propagate flags on open
In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: 1.211455 ============================================ 1.211571 WARNING: possible recursive locking detected 1.21168...
CVE-2025-23163 net: vlan: don't propagate flags on open
In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: 1.211455 ============================================ 1.211571 WARNING: possible recursive locking detected 1.21168...
SUSE CVE-2025-2817
Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations...
CVE-2025-2817
Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations...
CVE-2025-2817
Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations...
CVE-2025-2817
Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations...
CVE-2025-2817
Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations...
CVE-2025-2817 Privilege escalation in Thunderbird Updater
Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations...
CVE-2025-2817
The CVE-2025-2817 issue describes a vulnerability in Thunderbird’s update mechanism where a medium-integrity user process could interfere with the SYSTEM updater by manipulating file-locking, enabling privilege escalation via code injection into a user-privileged process. Affected products includ...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 138, which stems from a mishandled file locking behavior that could lead to elevated privileges...
PT-2025-23158
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, related to the erofs file system. The issue arises when bio add folio fails due to being full, and erofs fileio scan folio retrie...
Mozilla -- control access bypass
[email protected] reports: Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowin...
PT-2025-17634 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: IntelR Core Ultra Processors affected versions not specified Description: The issue is related to improper locking in the IntelR Integrated Connectivity I/O interface CNVi for some IntelR Core Ultra Processors. This may allow an unauthenticat...
Vulnerabilities of the functions pvr_queue_fence_get_driver_name() and pvr_queue_fence_init() (drivers/gpu/drm/imagination/pvr_queue.c) in the Linux kernel, allowing a hacker to cause a service failure
The vulnerabilities of the functions pvrqueuefencegetdrivername and pvrqueuefenceinit drivers/gpu/drm/imagination/pvrqueue.c in the Linux kernel are related to insufficient locking. Exploiting these vulnerabilities could allow an attacker to trigger a service failure...