Fedora 43 : cef (2025-6e776254bf)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-6e776254bf advisory. Update to cef-143.0.10+g8aed01b + chromium-143.0.7499.146 rhbz2423482 High CVE-2025-14765: Use after free in WebGPU High CVE-2025-14766: Out of boun...

CVE-2024-50174 drm/panthor: Fix race when converting group handle to group object

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously added and removed. However there is still a race...

CVE-2022-49001

In the Linux kernel, the following vulnerability has been resolved: riscv: fix race when vmap stack overflow Currently, when detecting vmap stack overflow, riscv firstly switches to the so called shadow stack, then use this shadow stack to call the getoverflowstack to get the overflow stack...

CVE-2024-47741 btrfs: fix race setting file private on concurrent lseek using same fd

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek2 system calls against the same file descriptor, using multiple threads belonging to the same process, we have a short time window...

CVE-2024-47668

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in genradixptralloc If we need to increase the tree depth, allocate a new node, and then race with another thread that increased the tree depth before us, we'll still have a preallocated no...

CVE-2024-46850 drm/amd/display: Avoid race between dcn35_set_drr() and dc_state_destruct()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid race between dcn35setdrr and dcstatedestruct dcstatedestruct nulls the resource context of the DC state. The pipe context passed to dcn35setdrr is a member of this resource context. If dcstatedestruct is...

CVE-2024-42300

In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in zerofsgetgbuf In zerofsgetgbuf, the current task may be migrated to another CPU between zerofsgbufid and spinlock&gbuf-lock. Therefore, zerofsputgbuf will trigger the following issue which was found by stress...

CVE-2024-42300

The CVE concerns the Linux kernel’s erofs subsystem, specifically a race in z_erofs_get_gbuf() that can migrate the current task between z_erofs_gbuf_id() and spin_lock(&gbuf->lock). This race can cause z_erofs_put_gbuf() to trigger a kernel BUG in fs/erofs/zutil.c, as observed during stress t...

CVE-2024-42300 erofs: fix race in z_erofs_get_gbuf()

In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in zerofsgetgbuf In zerofsgetgbuf, the current task may be migrated to another CPU between zerofsgbufid and spinlock&gbuf-lock. Therefore, zerofsputgbuf will trigger the following issue which was found by stress...

CVE-2024-6996

Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-6778

Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

CVE-2022-48858

CVE-2022-48858 - Linux kernel mlx5 race (net/mlx5): The vulnerability results from a race on command flush, causing a refcount use-after-free when a command is freed while another process may still access it. The root cause is improper synchronization around command entry refcount, leading to a p...

CVE-2023-52639

CVE-2023-52639 affects the Linux kernel KVM s390: vsie shadow creation. The issue is a race where gmap->private can be observed as zero in kvm_s390_vsie_gmap_notifier due to adding gmap->private == kvm after creation. The root cause is a race during shadow creation in acquire_gmap_shadow(),...

CVE-2024-26643 netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released fr...

GSD-2023-1002077 usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait

usb: gadget: ffs: Prevent race during ffsep0queuewait This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.91 by commit...

CVE-2022-26357

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the...

CVE-2021-37991

Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

GSD-2021-1001843 userfaultfd: fix a race between writeprotect and exit_mmap()

userfaultfd: fix a race between writeprotect and exitmmap This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...

OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot...

[RHSA-2000:122-04] race condition exists in diskcheck

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: race condition exists in diskcheck Advisory ID: RHSA-2000:122-04 Issue date: 2000-12-01 Updated on: 2000-12-04 Product: Red Hat Powertools Keywords: N/A Cross references: N/A...