7 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: IB/cm: A drop lockdep assertion and WARN are issued when freeing old messages. The send completion handler can run after cmid has advanced to another message. In this case, the cmid lock is not necessary. However, a recent change...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipmi: Fixed use-after-free and list corruption on sender errors. The analysis from Breno indicates that when the SMI sender returns an error, the smiwork function delivers an error response but then jumps back to restart without...
EUVD-2025-20961
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-38287
In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...
CVE-2025-38287 IB/cm: Drop lockdep assert and WARN when freeing old msg
In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...
CVE-2025-38287
CVE-2025-38287 affects the Linux kernel InfiniBand subsystem (IB_cm). The issue occurs when freeing old cm_priv_msg via cm_free_priv_msg() after cm_id has advanced, where a lock held assertion and WARN triggers due to reuse of the cm_id lock. This could allow a local attacker to trigger a denial ...
PT-2025-29007
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was identified in the Linux kernel’s IB/cm subsystem. The send completion handler could execute after the cm id had progressed to a new message. While the cm id lock wasn’t...