5 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: kcm: Annotated race condition around kcm->rx_wait has been addressed. kcm->rx_psock can be accessed without a read lock in kcm_rfree. The read and write operations should be annotated accordingly. syzbot reported: BUG: KCSAN: A dat...
unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race
Summary: Sender::send in src/lib.rs contains an unsafe block in the DISCONNECTED arm that transmutes a raw pointer *mut Producer into the bytes of a value-level Consumer. The author's intent, visible in the surrounding comment at lines 386-390, was a value transmute. The shipped code is one level o...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990766)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990766 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on sk_receive_queue. sk->sk_receive_queue is protected by skb queue lock, bu...
CVE-2025-38524
The CVE-2025-38524 issue concerns a race in Linux kernel RXRPC: when a call on a socket receives events, the call may be dequeued by two threads, potentially causing a release/decoupling that leaves a stale RXRPC_USER_CALL_ID. The fix dequeues the call and ignores it if it is already released, pr...
CVE-2025-38524 rxrpc: Fix recv-recv race of completed call
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call. If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...