CVE-2025-40305 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...

CVE-2025-40305

CVE-2025-40305 concerns Linux kernel 9p/trans_fd handling. Root cause: p9_fd_request relied on EPOLLOUT checks and wakeups via p9_pollwake/p9_poll_mux; after a pipe-read optimization, unnecessary wakeups were avoided by changing logic, reducing EPOLLIN-driven scheduling. The fix changes p9_fd_req...

CVE-2020-11148

Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is triggered and callback instance is deleted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

CVE-2020-11148

CVE-2020-11148 describes a use-after-free in HIDL when posting events from a callback in a Snapdragon stack (Auto/Compute/Connectivity/Consumer IOT/Industrial IOT/Mobile/Wearables). The root cause is that a callback instance can be deleted in a window where an internal mutex is not held and a clo...