PT-2025-42252

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to futex operations that could lead to a use-after-free condition during a requeue operation. Specifically, a race condition can occur where fute...

Linux Distros Unpatched Vulnerability : CVE-2025-37982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: wl1251: fix memory leak in wl1251txwork The skb dequeued from txqueue is lost when wl1251pselpwakeup fails with a -ETIMEDOUT error. Fix that by queueing t...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublkabortqueue Commit 8284066946e6 "ublk: grab request reference when the request is handled by userspace" doesn't grab request reference in case of recovery reissue. Then the request can ...

SUSE CVE-2025-37982

In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in wl1251txwork The skb dequeued from txqueue is lost when wl1251pselpwakeup fails with a -ETIMEDOUT error. Fix that by queueing the skb back to txqueue...

DEBIAN-CVE-2025-37982

In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in wl1251txwork The skb dequeued from txqueue is lost when wl1251pselpwakeup fails with a -ETIMEDOUT error. Fix that by queueing the skb back to txqueue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from failure to re-queue skb on wakeup failure, which could lead to a memory leak...

SUSE CVE-2022-49814

In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...

ALPINE-CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

UBUNTU-CVE-2024-56583

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix warning in migrateenable for boosted tasks When running the following command: while true; do stress-ng --cyclic 30 --timeout 30s --minimize --quiet done a warning is eventually triggered: WARNING: CPU: 43 PID...

SUSE CVE-2024-49855

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbdrequeuecmd, normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix t...

DEBIAN-CVE-2024-49855

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbdrequeuecmd, normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix t...

AZL-50640 CVE-2024-49855 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbdrequeuecmd, normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix t...

UBUNTU-CVE-2024-49855

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbdrequeuecmd, normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix t...

CVE-2024-47706

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain 1 initial state, three tasks: Process 1 Process 2 Process 3 BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2 bfqq1 merged to bfqq...

DEBIAN-CVE-2021-47498

In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to stop/start device mapper queue. But blk-mq's unquiesce may come from outside events, such as elevator switch, updating nrrequests or...

kernel: sched/core: Do not requeue task on CPU excluded from cpus_mask

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpusmask The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: ...

SUSE CVE-2012-6647

The futexwaitrequeuepi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a crafted...

SUSE CVE-2014-0205

The futexwait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service use-after-free and system crash or possibly gain privileges via a crafted application th...

SUSE CVE-2014-3153

The futexrequeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEXREQUEUE command that facilitates unsafe waiter modification...

SUSE CVE-2018-6927

The futexrequeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service integer overflow or possibly have unspecified other impact by triggering a negative wake or requeue value...