4329 matches found
CVE-2025-21753 btrfs: fix use-after-free when attempting to join an aborted transaction
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when attempting to join an aborted transaction When we are trying to join the current transaction and if it's aborted, we read its 'aborted' field after unlocking fsinfo-translock and without holding any...
CVE-2025-21749
CVE-2025-21749: In the Linux kernel, the Rose network layer is affected. The issue arises in rose_bind() where the socket must be locked to prevent a soft lockup triggered by a repro that binds from multiple threads, as reported by syzbot (rose_loopback_timer()). Affected component: roseBind path...
CVE-2025-21749 net: rose: lock the socket in rose_bind()
In the Linux kernel, the following vulnerability has been resolved: net: rose: lock the socket in rosebind syzbot reported a soft lockup in roseloopbacktimer, with a repro calling bind from multiple threads. rosebind must lock the socket to avoid this issue...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling queue freezing and limiting the locking order, which could lead to a deadlock...
CVE-2022-49669
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race on unaccepted mptcp sockets When the listener socket owning the relevant request is closed, it frees the unaccepted subflows and that causes later deletion of the paired MPTCP sockets. The mptcp socket's worker ca...
CVE-2022-49662
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix lockdep splat in in6dumpaddrs As reported by syzbot, we should not use rcudereference when rcureadlock is not held. WARNING: suspicious RCU usage 5.19.0-rc2-syzkaller 0 Not tainted net/ipv6/addrconf.c:5175 suspicious...
CVE-2022-49607
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perfeventsetoutput and perfmmapclose Yang Jihing reported a race between perfeventsetoutput and perfmmapclose: CPU1 CPU2 perfmmapclosee2 if atomicdecandtest&e2-rb-mmapcount // 1 - 0 detachrest =...
CVE-2022-49584
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriovnumvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to handle kernel paging...
DEBIAN-CVE-2022-49584
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriovnumvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to handle kernel paging...
CVE-2022-49547
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between concurrent dio writes when low on free data space When reserving data space for a direct IO write we can end up deadlocking if we have multiple tasks attempting a write to the same file range, there ar...
CVE-2022-49441
In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk under ttyport-lock ptywrite invokes kmalloc which may invoke a normal printk to print failure message. This can cause a deadlock in the scenario reported by syz-bot below: CPU0 CPU1 CPU2...
CVE-2022-49433
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent use of lock before it is initialized If there is a failure during probe of hfi1 before the sdmamaplock is initialized, the call to hfi1freedevdata will attempt to use a lock that has not been initialized. If th...
DEBIAN-CVE-2022-49398
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace listforeachentrysafe if using giveback The listforeachentrysafe macro saves the current item n and the item after n+1, so that n can be safely removed without corrupting the list. However, when traversi...
UBUNTU-CVE-2022-49584
In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriovnumvfs to zero It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic. BUG: unable to handle kernel paging...
UBUNTU-CVE-2022-49446
In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, deviceprepare, operations, and deviceshutdown operations for 'ndregion' devices: Chain exis...
CVE-2022-49584
CVE-2022-49584 is a Linux kernel issue in the ixgbe driver where disabling SR-IOV (setting sriov_numvfs to zero) can race with the PF driver, potentially causing a kernel panic. The root cause is a lack of locking during the disable path, allowing VF mailbox communication to proceed concurrently....
CVE-2022-49443 list: fix a data-race around ep->rdllist
In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep-rdllist eppoll first calls epeventsavailable with no lock held and checks if ep-rdllist is empty by listemptycareful, which reads rdllist-prev. Thus all accesses to it need some protection to avoid...
CVE-2022-49443
CVE-2022-49443 relates to a data race in Linux kernel epoll during epoll_wait, caused by lockless access to ep->rdllist via ep_events_available and list handling. The issue manifests as a KCSAN-detected race between ep_start_scan/ep_send_events and do_epoll_wait, potentially affecting availabi...
CVE-2022-49443
In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep-rdllist eppoll first calls epeventsavailable with no lock held and checks if ep-rdllist is empty by listemptycareful, which reads rdllist-prev. Thus all accesses to it need some protection to avoid...
CVE-2022-49441 tty: fix deadlock caused by calling printk() under tty_port->lock
In the Linux kernel, the following vulnerability has been resolved: tty: fix deadlock caused by calling printk under ttyport-lock ptywrite invokes kmalloc which may invoke a normal printk to print failure message. This can cause a deadlock in the scenario reported by syz-bot below: CPU0 CPU1 CPU2...