EUVD-2026-38888

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since full SMP support for threads within the same process is still missing,...

CVE-2026-53020

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since full SMP support for threads within the same process is still missing,...

CVE-2026-53020

The CVE-2026-53020 entry documents a Linux kernel issue: a race condition during Translation Lookaside Buffer (TLB) synchronization when the page table is traversed and modified without holding the proper page table lock. The root cause is the lack of adequate locking during TLB sync, which can l...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: The folio lock is released upon a successful read from fscache. Under the current code, when cifsreadpageworker is called, the contract between the caller and the callee is that the callee should unlock the page. This is...

CVE-2025-71309 fs/ntfs3: fix deadlock in ni_read_folio_cmpr

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now nireadfoliocmpr. This is caused by a lock inversion deadlock involving the inode mutex nilock and page locks. Scenario: 1. Task A enters...

CVE-2025-71309

CVE-2025-71309 concerns the Linux kernel ntfs3 driver deadlock in ni_read_folio_cmpr (formerly ni_readpage_cmpr). The issue stems from lock inversion between the inode mutex (ni_lock) and per-page locks when reading a compressed frame, allowing Task A and Task B to deadlock. The symptom is a task...

CVE-2025-34467

ZwiiCMS versions prior to 13.7.00 contain a denial-of-service vulnerability in multiple administrative endpoints due to improper authorization checks combined with flawed resource state management. When an authenticated low-privilege user requests an administrative page, the application returns...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989929 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmutrygetdatapage looks up pages under cmdrlock, but i...

EUVD-2016-9499

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to release a page lock on an fscache read hit, which could cause subsequent read operations to blo...

EUVD-2023-59813

Malicious code in bioql PyPI...

CVE-2022-50285

In the Linux kernel, the following vulnerability has been resolved: mm,hugetlb: take hugetlblock before decrementing h-resvhugepages The h-hugepages counters are protected by the hugetlblock, but allochugepage has a corner case where it can decrement the counter outside of the lock. This could le...

CVE-2025-58145

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

UBUNTU-CVE-2025-39754

In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smapshugetlbrange and migration smapshugetlbrange handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUGON in pfnswapentrytopage. The race is as follows...

CVE-2025-58144

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs handling. A NULL...

CVE-2022-50089 btrfs: ensure pages are unlocked on cow_file_range() failure

In the Linux kernel, the following vulnerability has been resolved: btrfs: ensure pages are unlocked on cowfilerange failure There is a hungtask report on zoned btrfs like below. https://github.com/naota/linux/issues/59 726.328648 INFO: task rocksdb:high0:11085 blocked for more than 241 seconds...

PT-2025-37189

🚨 CVE-2025-58144 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are two issues related to the mapping of pages belonging to other domains: For one, an assertion is wrong there, where the case actually needs...

CVE-2023-52490

A page mapping vulnerability was found in the Linux kernel. A call to the pagemapping function during a page migration may return an incorrect file mapping and cause a system crash if another thread is simultaneously attempting to offline the target page that is being migrated. Mitigation...

CVE-2023-52490

In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash after a few hours: Unable to handle kernel NULL pointer dereference at virtual address...

CVE-2023-52490

In the Linux kernel, the following vulnerability has been resolved: mm: migrate: fix getting incorrect page mapping during page migration When running stress-ng testing, we found below kernel crash after a few hours: Unable to handle kernel NULL pointer dereference at virtual address...