4292 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of locking protection for the path kfree function in mm damon sysfs-schemes. This...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the content-locking process. An attacker can obtain email addresses and identifiers of users who should be inaccessible by sending requests as an authenticated user with restricted users.access or users.list...
EUVD-2026-32370
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...
EUVD-2025-209973
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now nireadfoliocmpr. This is caused by a lock inversion deadlock involving the inode mutex nilock and page locks. Scenario: 1. Task A enters...
CVE-2026-46063
In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...
CVE-2026-45904
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...
CVE-2026-45849
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...
UBUNTU-CVE-2026-45849
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelotportxmitinj ocelotportxmitinj calls ocelotcaninject and ocelotportinjectframe without holding the injection group lock. Both functions contain lockdepassertheld for the...
EUVD-2026-32445
In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...
CVE-2026-46063 x86/shstk: Prevent deadlock during shstk sigreturn
In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...
CVE-2026-45904 powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...
CVE-2026-45904
CVE-2026-45904 – powerpc/eeh locking fix in Linux kernel : The vulnerability was resolved by a patchset that corrects recursive locking between EEH (Enhanced Error Handling) and PCI hotplug logic. The root cause was that eeh_handle_normal_event() acquired pci_lock_rescan_remove() before calling e...
CVE-2026-45904
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...
CVE-2025-71309 fs/ntfs3: fix deadlock in ni_read_folio_cmpr
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now nireadfoliocmpr. This is caused by a lock inversion deadlock involving the inode mutex nilock and page locks. Scenario: 1. Task A enters...
Linux Distros Unpatched Vulnerability : CVE-2026-45904
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 powerpc/eeh: Make EEH driver device hotplug safe...
Linux Distros Unpatched Vulnerability : CVE-2026-46056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcievent: fix potential UAF in SSP passkey handlers hciconn lookup and field access must be covered by hdev lock in hciuserpasskeynotifyevt and...
PT-2026-43771
Name of the Vulnerable Software and Affected Versions Linux kernel version 6.18.0-rc3 Description An issue in the Enhanced Error Handling EEH driver for powerpc leads to recursive locking. The function eeh handle normal event acquires the pci lock rescan remove lock before calling eeh pe bus get,...
CVE-2026-42002
A flaw was found in pdns-recursor. Concurrency and locking defects in the Generic Security Service Algorithm for Secret Key Transaction Signatures GSS-TSIG could allow a remote attacker to cause a denial of service...
PT-2026-43440
Name of the Vulnerable Software and Affected Versions Pterodactyl versions prior to 1.12.3 Description The Client API contains a logic flaw allowing users to bypass assigned limits for database allocations. This occurs because the database locking mechanism within the controllers is ineffective...
OESA-2026-2415 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the devi...