CVE-2026-23004 dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()

In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist syzbot was able to crash the kernel in rt6uncachedlistflushdev in an interesting way 1 Crash happens in listdelinit/INITLISTHEAD while writing list-prev, while the prior...

CVE-2026-23004

The CVE-2026-23004 issue in the Linux kernel concerns races in the IPv6 dst cache path (rt6_uncached_list_del/rt_del_uncached_list) leading to use-after-free during list_head initialization in INIT_LIST_HEAD, as observed by KASAN in rt6_uncached_list_flush_dev and related paths. The root cause is...

CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVE-2026-22980

The CVE-2026-22980 issue is confirmed to affect the Linux kernel and is addressed by a patch that fixes a race between v4_end_grace writes and server shutdown. The fix introduces two new fields in the nfsd network context: client_tracking_active (protected by nn->client_lock) and grace_end_for...

CVE-2026-22980 nfsd: provide locking for v4_end_grace

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVE-2026-22980 nfsd: provide locking for v4_end_grace

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVE-2026-22980

In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...

CVE-2025-15349

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

CVE-2025-15349

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of locking mechanisms in v4endgrace. This vulnerability may allow access to memory after...

Anritsu ShockLine: Competition condition issue vulnerability

Anritsu ShockLine is a series of vector network analyzers produced by Anritsu Corporation in Japan. Anritsu ShockLine has a vulnerability related to race conditions, which arises due to insufficient locking during object operations involving SCPI components. This vulnerability may lead to race...

Linux Distros Unpatched Vulnerability : CVE-2025-71159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free warning in btrfsgetorcreatedelayednode Previously,...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49855)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49855 advisory. - In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37988)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37988 advisory. - In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42315)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42315 advisory. - In the Linux kernel, the following vulnerability has been resolved: exfat: fix potential deadlock on...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38338)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38338 advisory. - In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46762)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46762 advisory. - In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38004)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38004 advisory. - In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcmop runtime...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37997)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37997 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in...