EUVD-2026-2683

An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. If an SRX Series device receives a specifically malformed GPRS Tunnelling Protocol GTP Modify Bearer Request message, ...

CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

SUSE CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002645)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002645 advisory. sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a deni...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002276 advisory. The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows loca...

Linux Distros Unpatched Vulnerability : CVE-2025-71126

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at...

Race Condition within a Thread

Overview outray is an OutRay CLI - Expose your local server to the internet Affected versions of this package are vulnerable to Race Condition within a Thread due to the lack of transaction locking mechanisms in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts. An attacker can obtain mor...

CVE-2025-71126

In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme 1 Not tainted --------------------------------------------...

CVE-2025-71126

In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme 1 Not tainted --------------------------------------------...

kernel: net/mlx5e: Check for NOT_READY flag state after locking

A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOTREADY flag is checked before acquiring the...

Outray 安全漏洞

Outray is a local server building tool from OutRay open source. A security vulnerability exists in Outray versions prior to 0.1.5, which stems from a missing database transaction locking mechanism that could lead to free plan users acquiring more subdomains than expected...

ROS-20260114-7319

A vulnerability in the Linux operating system kernel is related to incorrect resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-22050

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none...

CVE-2025-71065

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

CVE-2025-71065

The CVE-2025-71065 entry concerns a deadlock in the Linux kernel’s f2fs subsystem. The provided details describe a four-lock deadlock chain involving: Lock A (fs_reclaim), Lock B (sb_start_intwrite), Lock C (f2fs_lock_op), and Lock D (f2fs_down_write). The root-cause trace shows kswapd and other ...

CVE-2025-71065 f2fs: fix to avoid potential deadlock

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

CVE-2025-68809 ksmbd: vfs: fix race on m_flags in vfs_cache

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

CVE-2025-68809

CVE-2025-68809 concerns the Linux kernel ksmbd subsystem. It describes a data race on ksmbd_inode->m_flags used to track delete-on-close and pending-delete states, caused by inconsistent locking in vfs_cache.c (some paths use ci->m_lock, others do not). The vulnerability can lead to loss or...