GHSA-WV3X-4VXV-WHPP Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

Summary Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITELOCKHELD...

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of mutual exclusion protection for class/subclass/protocol options in USB Gadget FRNDIS...

CVE-2026-43143

In the Linux kernel, CVE-2026-43143 fixes a concurrency issue in the multi-function device (mfd) core: access/modification of the mfd_of_node_list was not mutex-protected, risking unsafe list manipulation and potential crashes. The fix adds a mutex to guard this list, reducing crash likelihood. P...

CVE-2026-43143 mfd: core: Add locking around 'mfd_of_node_list'

In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfdofnodelist' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfdofnodelist' to prevent possible crashes...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Added mutual exclusion in procsctpdoudpport. We must serialize calls to sctpudpsockstop and sctpudpsockstart, or risk a crash, as syzbot reported: Oops: General protection fault, likely due to a non-canonical address...

CVE-2026-23420

CVE-2026-23420 affects the Linux kernel wlcore Wi‑Fi driver. The issue is a locking-order bug where wl->mutex could be unlocked without being held, as identified by a Clang thread-safety analyzer. This is associated with potential synchronization instability; patches exist in Rootio‑Linux pack...

CVE-2019-16137

An issue was discovered in the spin crate before 0.5.2 for Rust, when RwLock is used. Because memory ordering is mishandled, two writers can acquire the lock at the same time, violating mutual exclusion...

SUSE CVE-2025-68756

In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...

EUVD-2023-60404

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to trigger the following panic: PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48" 0 ffff9456c1cc79a0 machinekexec at...

kernel: Bluetooth: L2CAP: Fix user-after-free

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from uninitialized HWS action reference counting and mutual exclusion locks in the net/mlx5 component, which could le...

EUVD-2021-1759

Malware in sbrugna...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-386515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-386515 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect references to superblock parameters exposed in sysfs The superblock buffers of...

EUVD-2023-48478

Malicious code in bioql PyPI...

EUVD-2025-11245

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of mutual exclusion lock protection and could cause the kernel to crash...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of mutual exclusion protection in concurrent calls to asuswmiregisterdriver, which could lead to memo...

sctp: add mutual exclusion in proc_sctp_do_udp_port()

...

Linux Distros Unpatched Vulnerability : CVE-2025-37745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PM: hibernate: Avoid deadlock in hibernatecompressorparamset syzbot reported a deadlock in locksystemsleep see below. The write operation to...