CVE-2022-49733 ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC There is a small race window at snd_pcm_oss_sync() that is called from OSS PCM SNDCTL_DSP_SYNC ioctl; namely the function calls snd_pcm_oss_make_ready() at first, then takes the params_lock mutex for t...
Race Condition
Overview Affected versions of this package are vulnerable to Race Condition in their random number generation routines in randomengine.cpp file. The vulnerable functions were the unsynchronised random engine methods, now mitigated by proper mutex locking. Remediation Upgrade com.kuzudb:kuzu to...
Race Condition
Overview kuzu is an in-process property graph database management system built for query speed and scalability. Affected versions of this package are vulnerable to Race Condition in their random number generation routines in randomengine.cpp file. The vulnerable functions were the unsynchronis...
WordPress Secure Copy Content Protection and Content Locking plugin <= 4.4.7 - Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function vulnerability
Missing Authorization to Unauthenticated User Email Retrieval via ays_sccp_reports_user_search Function vulnerability discovered by Krzysztof Zając in WordPress Plugin Secure Copy Content Protection and Content Locking versions <= 4.4.7...
WordPress plugin Secure Copy Content Protection and Content Locking security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
SUSE CVE-2025-21749
In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rose_bind() syzbot reported a soft lockup in rose_loopback_timer(), with a repro calling bind() from multiple threads. rose_bind() must lock the socket to avoid this issue...
CVE-2025-21820
In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0: cdns_uart_isr(), uart_port_lock(port); CPU 1: printk(), console_lock()...
DEBIAN-CVE-2025-21820
In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0: cdns_uart_isr(), uart_port_lock(port); CPU 1: printk(), console_lock()...
DEBIAN-CVE-2025-21811
In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_data_buffers(), which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For...
CVE-2025-21809
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpc_peer objects. The address list is freed under RCU and at this time, it puts the refs on those peers...
UBUNTU-CVE-2025-21811
In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_data_buffers(), which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For...
CVE-2025-21820 tty: xilinx_uartps: split sysrq handling
In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0: cdns_uart_isr(), uart_port_lock(port); CPU 1: printk(), console_lock()...
CVE-2025-21820
CVE-2025-21820 affects the Linux kernel tty/xilinx_uartps driver. A deadlock could occur due to a circular lock dependency between uart_port_lock and console_lock when handling sysrq. The fix splits sysrq handling into two parts: using a prepare step under the port lock and deferring actual handl...
CVE-2025-21820 tty: xilinx_uartps: split sysrq handling
In the Linux kernel, the following vulnerability has been resolved: tty: xilinx_uartps: split sysrq handling lockdep detects the following circular locking dependency: CPU 0: cdns_uart_isr(), uart_port_lock(port); CPU 1: printk(), console_lock()...
CVE-2025-21809
In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpc_peer objects. The address list is freed under RCU and at this time, it puts the refs on those peers...
CVE-2024-58042
CVE-2024-58042 relates to the Linux kernel and fixes a potential deadlock in rhashtable growth logic. The original implementation could trigger a deadlock chain involving nested locks between the rhashtable bucket, rq lock, and dsq lock. The fix moves the hash table growth check and work scheduli...
CVE-2025-21749
In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rose_bind() syzbot reported a soft lockup in rose_loopback_timer(), with a repro calling bind() from multiple threads. rose_bind() must lock the socket to avoid this issue...
SUSE CVE-2022-49584
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to handle kernel paging...
CVE-2025-21753 btrfs: fix use-after-free when attempting to join an aborted transaction
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fs_info->trans_lock and without holding any...
CVE-2025-21749
CVE-2025-21749: In the Linux kernel, the Rose network layer is affected. The issue arises in rose_bind() where the socket must be locked to prevent a soft lockup triggered by a repro that binds from multiple threads, as reported by syzbot (rose_loopback_timer()). Affected component: roseBind path...