PT-2026-7416

Name of the Vulnerable Software and Affected Versions MongoDB affected versions not specified Description The internal locking mechanism within the MongoDB server utilizes an internal encoding of resources to determine which lock to acquire. A collision can occur where collections inadvertently...

PUB-A-419088687

In aoccread of aocchanneldev.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

📄 macOS 18.3.2 Kernel Privilege Escalation

macOS version 18.3.2 proof of concept exploit for an old kernel related privilege escalation vulnerability. A critical memory management vulnerability exists within the macOS XNU kernel's handling of the VMBEHAVIORZEROWIREDPAGES behavior flag. The issue arises from improper sequence validation wh...

ROS-20251201-04

Vulnerability of the lpfcelsretrydelay function of the drivers/scsi/lpfc/lpfcels.c module of the operating system kernel of Linux is related to improper resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of bloomfilter.c,...

ROS-20251128-04

Vulnerability of the smb2isvalidoplockbreak function in the fs/smb/client/smb2misc.c module of the SMB client implementation of the Linux kernel is related to the reuse of the previously released SMB protocol client implementation of the Linux kernel is related to the reuse of previously freed...

AMD Xilinx Run Time 安全漏洞

AMD Xilinx Run Time is a standardized runtime environment developed by AMD for Xilinx FPGAs that provides a unified software interface to optimize FPGA arithmetic. AMD Xilinx Run Time suffers from a locking protection deficiency vulnerability that can be exploited by an attacker to cause reuse...

CLSA-2025-1763731262 kernel: Fix of 63 CVEs

media: bttv: fix use after free error due to btv-timeout timer CVE-2023-52847 CVE-2023-52847 - firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 CVE-2023-53226 - vsock:...

Siemens SCALANCE and RUGGEDCOM Devices Improper Locking (CVE-2024-44952)

driver core: vulnerability due to a potential deadlock due to improper handling of device attributes and driver detachment, which has been fixed by using synchronizercu to prevent race conditions. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

Siemens SCALANCE and RUGGEDCOM Devices Improper Locking (CVE-2024-46791)

can: mcp251x: fix deadlock if an interrupt occurs during mcp251xopen The mcp251xhwwake function is called with the mpclock mutex held and disables the interrupt handler so that no interrupts can be processed while waking the device. This plugin only works with Tenable.ot. Please visit...

EUVD-2025-150373

In the Linux kernel, the following vulnerability has been resolved: kernel/sys.c: fix the racy usage of tasklocktsk-groupleader in sysprlimit64 paths The usage of tasklocktsk-groupleader in sysprlimit64-doprlimit path is very broken. sysprlimit64 does gettaskstructtsk but this only protects...

Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26773)

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbtrybestfound. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26679)

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26772)

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a soft locking issue in mprotect's handling of large hugetlb memory...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990823)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990823 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pcibuslock One of the true positives that the cfgaccesslock...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990845 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix idatasem unlock order in ext4indmigrate Fuzzing reports a possible deadlock in...

kernel: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.

In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to devioctl first and later forwarded to brioctlcall, which causes unnecessary RTNL dance and the splat below 0 under RTNL pressure. Let's say Thread A...

kernel: rxrpc: Fix missing locking causing hanging calls

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted e.g. because kafs saw a signal between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connecti...

kernel: net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()

A race condition was found in the SMC Shared Memory Communications networking subsystem. The smcllcsrvaddlink function lacks proper locking, allowing concurrent link additions that can corrupt link group state and crash the kernel...

kernel: sched/rt: Fix race in push_rt_task

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in pushrttask Overview ======== When a CPU chooses to call pushrttask and picks a task to push to another CPU's runqueue then it will call findlocklowestrq method which would take a double lock on both CPUs'...