26 matches found
Astra Linux - уязвимость в linux-5.10, linux
There are use-after-free vulnerabilities caused by a timer handler in the net/rose/rosetimer.c file of Linux, which allow attackers to crash the Linux kernel without any privileges...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Net: rose: fixed the issue where timers race against user threads. The Rose timers only acquire the socket spinlock, without checking whether the socket is owned by a specific user thread. A check should be added, and the time...
Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo5111 bsc1237768. CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238729...
SUSE-SU-2026:0385-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo5111 bsc1237768. - CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21718)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21718 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user...
ROS-20260119-7319
A vulnerability in the net/rose/rosetimer.c component of the Linux operating system kernel is related to simultaneous execution using a shared resource with improper synchronization. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001753)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001753 advisory. There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414451)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414451 advisory. There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...
Linux Distros Unpatched Vulnerability : CVE-2022-2318
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...
SUSE CVE-2025-21718
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
AZL-57988 CVE-2025-21718 affecting package kernel for versions less than 5.15.179.1-1
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
UBUNTU-CVE-2025-21718
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
CVE-2025-21718 net: rose: fix timer races against user threads
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from rosetimer competing with a user thread...
SUSE CVE-2022-2318
There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges...
USN-5635-1 linux-gkeop vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...
Important: kernel
Issue Overview: An out-of-bounds write flaw was found in the Linux kernels framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUTVSCREENINFO with malicious data. This flaw allows a local user to crash or potentially escalate their privileges on the system...
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
...