130 matches found
Canonical Ubuntu Linux 安全漏洞
Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux 6.8 version contained a security vulnerability. This vulnerability stemmed from the lack of lock acquisition when modifying linked lists, which could lead to race conditions...
TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed a data race in unixdgrampeerwakeme. The unixdgrampoll function calls unixdgrampeerwakeme without ensuring that the other lock is held, and without checking whether its receive queue is full. In this case, we need to...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate lockless accesses to nlk-maxrecvmsglen. syzbot reported a data race in netlinkrecvmsg 1. Indeed, netlinkrecvmsg can be executed concurrently, and netlinkdump also requires protection. 1 Bug: KCSAN: Data race ...
EUVD-2026-28688
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...
CVE-2026-43382
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...
CVE-2026-43382
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...
CVE-2026-43382 batman-adv: Avoid double-rtnl_lock ELP metric worker
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...
CVE-2026-43382
Summary: CVE-2026-43382 affects the Linux kernel batman-adv component. The issue arises when batadv_v_elp_get_throughput() runs with the RTNL lock already held, which could cause a deadlock during cancellation of a work item. The fix switches to rtnl_trylock to skip ethtool retrieval if the RTNL ...
CVE-2026-43382
In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep-rdllist eppoll first calls epeventsavailable with no lock held and checks if ep-rdllist is empty by listemptycareful, which reads rdllist-prev. Thus all accesses to it need some protection to avoid...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Perform lockless command completion in the abort path When adding or removing controllers, the following call trace was observed: WARNING: CPU: 3 PID: 623596 at kernel/dma/mapping.c:532 dmafree attrs+0x33/0x50 CPU:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to u...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013000)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013000 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk-maxrecvmsglen syzbot reported a data-race in data-race...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006583)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006583 advisory. In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif whi...
Linux Distros Unpatched Vulnerability : CVE-2026-23449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: teql: Fix double-free in teqlmasterxmit Whenever a TEQL devices has a lockless Qdisc as root, qdiscreset should be called using the seqlock to avoid...
EUVD-2026-18698
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit Whenever a TEQL devices has a lockless Qdisc as root, qdiscreset should be called using the seqlock to avoid racing with the datapath. Failure to do so may cause crashes like the...
CVE-2026-23449
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit Whenever a TEQL devices has a lockless Qdisc as root, qdiscreset should be called using the seqlock to avoid racing with the datapath. Failure to do so may cause crashes like the...
UBUNTU-CVE-2026-23449
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit Whenever a TEQL devices has a lockless Qdisc as root, qdiscreset should be called using the seqlock to avoid racing with the datapath. Failure to do so may cause crashes like the...