SUSE CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002645)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002645 advisory. sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a deni...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002276 advisory. The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows loca...

Linux Distros Unpatched Vulnerability : CVE-2025-71126

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at...

Race Condition within a Thread

Overview outray is an OutRay CLI - Expose your local server to the internet Affected versions of this package are vulnerable to Race Condition within a Thread due to the lack of transaction locking mechanisms in main/apps/web/src/routes/api/$orgSlug/subdomains/index.ts. An attacker can obtain mor...

CVE-2025-71126

In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme 1 Not tainted --------------------------------------------...

CVE-2025-71126

In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme 1 Not tainted --------------------------------------------...

kernel: net/mlx5e: Check for NOT_READY flag state after locking

A race condition was found in the Linux kernel Mellanox mlx5 network driver's traffic control offload flow management. A local user with privileges to configure traffic control flower filters can trigger concurrent flow deletion operations where the NOTREADY flag is checked before acquiring the...

Outray 安全漏洞

Outray is a local server building tool from OutRay open source. A security vulnerability exists in Outray versions prior to 0.1.5, which stems from a missing database transaction locking mechanism that could lead to free plan users acquiring more subdomains than expected...

ROS-20260114-7319

A vulnerability in the Linux operating system kernel is related to incorrect resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-22050

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none...

CVE-2025-71065

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

CVE-2025-68809

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

CVE-2025-71065

The CVE-2025-71065 entry concerns a deadlock in the Linux kernel’s f2fs subsystem. The provided details describe a four-lock deadlock chain involving: Lock A (fs_reclaim), Lock B (sb_start_intwrite), Lock C (f2fs_lock_op), and Lock D (f2fs_down_write). The root-cause trace shows kswapd and other ...

CVE-2025-71065 f2fs: fix to avoid potential deadlock

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

CVE-2025-68809

CVE-2025-68809 concerns the Linux kernel ksmbd subsystem. It describes a data race on ksmbd_inode->m_flags used to track delete-on-close and pending-delete states, caused by inconsistent locking in vfs_cache.c (some paths use ci->m_lock, others do not). The vulnerability can lead to loss or...

CVE-2025-68809 ksmbd: vfs: fix race on m_flags in vfs_cache

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Ensure that memcg is instructed to use allowspinning=false in bpftimerinit. Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as an...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a race condition in the RPC handle list access mechanism. The sess-rpchandlelist XArray manages RPC handles within a ksmbd session. Access to this list is intended to be protected by sess-rpclock a rwsemaphore...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: Insufficient locking for -dparent-d inode dereferencing. Theoretically, this could lead to an oops error due to a race condition, but I don’t believe anyone would actually exploit this vulnerability on real...