29 matches found
CVE-2026-43327
In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...
CVE-2026-43327
CVE-2026-43327 affects the Linux kernel USB dummy-hcd code. The race involves usb_gadget_udc_reset() being invoked with a NULL second argument (driver) due to a race between USB reset and driver unbind, enabling a potential crash. The root cause was that stop_activity() could drop and re-acquire ...
CVE-2026-43327
In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...
PT-2026-38978
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A locking and synchronization error exists in the USB dummy-hcd component. A race condition can occur between a USB reset and a driver unbind process. Specifically, the stop activity...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ibmvnic: fixed a race condition between xmit and reset There is a race condition between the reset path and the transmit path that can lead to ibmvnicxmit accessing an SCRQ after it has been freed in the reset path. This can...
CLSA-2026-1777305243 Fix CVE(s): CVE-2024-38286
SECURITY UPDATE: Denial of Service caused by unbounded TLS handshake wrap queue in SecureNio2Channel / SecureNioChannel. Backport upstream fix from 9.0.x commit 76c5cce6f0bcef14b0c21c38910371ca7d322d13. - debian/patches/CVE-2024-38286.patch: cap the handshake wrap queue at...
CVE-2026-31523
A flaw was found in the Linux kernel's Non-Volatile Memory Express NVMe PCI driver. A local user can trigger a race condition during a system reset by changing the polled queue count. This vulnerability allows a high-priority task to attempt to poll a queue before the system's queue maps are...
CVE-2026-31523
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...
CVE-2026-31523 nvme-pci: ensure we're polling a polled queue
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...
Linux Distros Unpatched Vulnerability : CVE-2026-23340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2025-4478: Fixed initialization of function pointers after resource allocations bsc1243109 CVE-2026-22851: Fixed RDPGFX ResetGraphics race leading to use-after-free in SDL client sdl-primary bsc1256717 CVE-2026-22852: Fixed...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004251)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004251 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001670)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001670 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced ...
CVE-2025-40315 usb: gadget: f_fs: Fix epfile null pointer access after ep enable.
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear called in ffsdatareset sets ffs-epfiles to NULL before resettin...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989356)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989356 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queuerq, in...
CVE-2025-39855 ice: fix NULL access of tx->in_use in ice_ptp_ts_irq
In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...
CVE-2025-39855
Summary: CVE-2025-39855 concerns the Linux kernel ICE driver (notably the E810’s low-latency TX timestamp interface). The bug occurs in ice_ptp_ts_irq() where the Tx timestamp tracker ice_ptp_tx is used before being initialized, risking NULL dereference or use-after-free if a TX timestamp interru...
PT-2025-38562
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ice ptp ts irq function where it does not check if the timestamp tracker is initialized before its first access. This can lead to a NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2020-25599
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. There are evtchnreset race conditions. Uses of EVTCHNOPreset potentially by a guest on itself or XENDOMCTLsoftres...
SUSE CVE-2022-49201
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: fix race between xmit and reset There is a race between reset and the transmit paths that can lead to ibmvnicxmit accessing an scrq after it has been freed in the reset path. It can result in a crash like: Kernel attempt...