48 matches found
UBUNTU-CVE-2026-53227
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible kfreeskb of ERRPTR After the patch in the "Fixes" tag, the allocation of the "reply" skb can happen either before or after locking the ovsmutex. However, error cleanups still follow the classical...
CVE-2026-53227
CVE-2026-53227 : In the Linux kernel’s net/openvswitch path, the patch fixes a bug where a reply skb could be freed after unlocking when its allocation happens after locking the ovs_mutex and returns an error. The root cause is that the error value is saved but the pointer remains non-NULL, leadi...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written to 0xffff88813a80c832, which is 1 byte, by task 3771 on CPU 0: mldifcstopwork in net/ipv6/mcast.c:1080 inline ipv6mcdown+0x10a/0x280 in...
PT-2026-41967
Name of the Vulnerable Software and Affected Versions Mailpit affected versions not specified Description A remote, unauthenticated attacker can cause a denial of service DoS by crashing the Mailpit process. The issue occurs because the screenshot/print proxy reads a package-level assets cache...
SUSE CVE-2026-43143
In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfdofnodelist' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfdofnodelist' to prevent possible crashes...
UBUNTU-CVE-2026-43423
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-43319
In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different orders depending on the code path: write/read: buflock - spilock ioctl...
CVE-2026-43319
In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different orders depending on the code path: write/read: buflock - spilock ioctl...
EUVD-2026-27704
In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfdofnodelist' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfdofnodelist' to prevent possible crashes...
CVE-2026-43143 mfd: core: Add locking around 'mfd_of_node_list'
In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfdofnodelist' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfdofnodelist' to prevent possible crashes...
PT-2026-37483
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lack of mutual exclusion when manipulating the mfd of node list list in the kernel can lead to potential system crashes. This occurs because accessing or modifying the list without...
CVE-2026-23420
A flaw was found in the Linux kernel's wlcore Wi-Fi driver. This vulnerability involves an improper handling of a locking mechanism, specifically the wl-mutex. This can lead to system instability or unexpected behavior. The issue was identified by a thread-safety analyzer. Mitigation To mitigate...
UBUNTU-CVE-2026-23420
In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...
CVE-2026-23186 hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify()
In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fix deadlocks related to acpipowermeternotify The acpipowermeter driver's .notify callback function, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks in sysfs...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003927)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003927 advisory. In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free ...
UBUNTU-CVE-2025-68732
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1xsyncptalloc and host1xsyncptput by using krefputmutex instead of krefput + manual mutex locking. This ensures no thread can acquire the syncptmutex after...
CVE-2025-68732
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1xsyncptalloc and host1xsyncptput by using krefputmutex instead of krefput + manual mutex locking. This ensures no thread can acquire the syncptmutex after...
CVE-2025-68371
CVE-2025-68371 relates to the Linux kernel SCSI smartpqi driver. A race between the abort handler that schedules a LUN reset and device removal via sdev_destroy() could cause the LUN reset to run after the device was removed, leading to use‑after‑free and access to freed resources. The fix, as do...
UBUNTU-CVE-2025-68319
In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire sumutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cgchildren list and concurrent add/remove of userdata items through configfs. The updateuserdata...
UBUNTU-CVE-2025-68292
In the Linux kernel, the following vulnerability has been resolved: mm/memfd: fix information leak in hugetlb folios When allocating hugetlb folios for memfd, three initialization steps are missing: 1. Folios are not zeroed, leading to kernel memory disclosure to userspace 2. Folios are not marke...