UBUNTU-CVE-2026-46025

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

CVE-2026-46008

mm/damon/core: fix damoswalk vs kdamondfn exit race...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

A issue was discovered in the Linux kernel through version 6.5.9. During a race condition involving the exit of a SQ thread, a NULL pointer dereferencing in iouring/fdinfo.c’s iouringshowfdinfo function can occur...

CVE-2026-24792 web_webview has a Race Condition vulnerability

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps...

EUVD-2026-25885

In the Linux kernel, the following vulnerability has been resolved: driver core: enforce devicelock for drivermatchdevice Currently, drivermatchdevice is called from three sites. One site deviceattachdriver holds devicelockdev, but the other two bindstore and driverattach do not. This inconsisten...

CVE-2026-27670 OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition

OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that allows local attackers to write files outside the intended destination directory. Attackers can exploit a time-of-check-time-of-use race between path validation and file write operations by rebinding...

CVE-2025-14338 Polkit authentication dis isabled by default in inputplumber

Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005...

TencentOS Server 3: webkit2gtk3 (TSSA-2025:0999)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0999 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Linux Distros Unpatched Vulnerability : CVE-2023-54235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 objec...

SUSE CVE-2023-54007

In the Linux kernel, the following vulnerability has been resolved: vmcihost: fix a race condition in vmcihostpoll causing GPF During fuzzing, a general protection fault is observed in vmcihostpoll. general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 1 PREEMPT SM...

CVE-2023-53998 hwrng: virtio - Fix race on data_avail and actual data

In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on dataavail and actual data The virtio rng device kicks off a new entropy request whenever the data available reaches zero. When a new request occurs at the end of a read operation, that is, when the...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-28040)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-28040 advisory. - netfilter: nftables: reject duplicate device on updates Pablo Neira Ayuso Orabug: 38712798 CVE-2025-38678 - ice: fix using untrusted value of...

CVE-2025-40201 kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths

In the Linux kernel, the following vulnerability has been resolved: kernel/sys.c: fix the racy usage of tasklocktsk-groupleader in sysprlimit64 paths The usage of tasklocktsk-groupleader in sysprlimit64-doprlimit path is very broken. sysprlimit64 does gettaskstructtsk but this only protects...

CVE-2025-62596

Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987712 advisory. In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in...

CVE-2023-53581

CVE-2023-53581 affects the Linux kernel mlx5 core (net/mlx5e). The issue is a race: NOT_READY flag is checked before acquiring the necessary lock, allowing a flow to be concurrently removed from unready_flows by a workqueue, which can cause a double removal and a crash (as shown by the crash trac...

Linux Distros Unpatched Vulnerability : CVE-2023-52502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: nfc: fix races in nfcllcpsockget and nfcllcpsockgetsn Sili Luo reported a race in nfcllcpsockget, leading to UAF. Getting a reference on the socket found i...

SUSE CVE-2025-38132

In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfgcsdevlock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 perf enable load module cscfgloadconfigsets activate config. // sysfs sysactivecnt == 1...

SUSE CVE-2022-49554

In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between asynchronous zspage free and page migration The asynchronous zspage free worker tries to lock a zspage's entire page list without defending against page migration. Since pages which haven't yet been...

DEBIAN-CVE-2024-46787

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmdtranshuge check", v2. The pmdtranshuge code in mfillatomic is wrong in three different ways depending on kernel version: 1. The pmdtranshuge che...