CVE-2023-54019

In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroupfilerelease causes UAF issues when a cgroup is removed from under a polling process. This is happening because cgroup removal causes ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987050)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987050 advisory. In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfdpoll and binderpoll are special ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987372)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987372 advisory. In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in epremovewaitqueue If a non-root cgroup gets removed when there i...

EUVD-2022-42594

Malicious code in bioql PyPI...

CVE-2021-47505

In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfdpoll and binderpoll are special in that they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is okay f...

CVE-2021-47505 aio: fix use-after-free due to missing POLLFREE handling

In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfdpoll and binderpoll are special in that they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is okay f...

CVE-2021-47505 aio: fix use-after-free due to missing POLLFREE handling

In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfdpoll and binderpoll are special in that they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is okay f...

Denial Of Service (DoS)

linux-kvm is vulnerable to denial of service. The vulnerability exists because the iouring poll does not properly handle POLLFREE, allowing an attacker to crash the application through the use after free...

Double free

There exists a use-after-free in iouring in the Linux kernel. Signalfdpoll and binderpoll use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the iouring poll doesn't handle POLLFREE. This allows a...

CVE-2022-3176 Use-after-free in io_uring in Linux Kernel

There exists a use-after-free in iouring in the Linux kernel. Signalfdpoll and binderpoll use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the iouring poll doesn't handle POLLFREE. This allows a...

CVE-2022-3176 Use-after-free in io_uring in Linux Kernel

There exists a use-after-free in iouring in the Linux kernel. Signalfdpoll and binderpoll use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the iouring poll doesn't handle POLLFREE. This allows a...

GSD-2021-1002430 aio: fix use-after-free due to missing POLLFREE handling

aio: fix use-after-free due to missing POLLFREE handling This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.221 by commit...