Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfers and subscribing to the error queue while...

CVE-2026-42626

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

PT-2026-42806

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

CVE-2026-43215

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the...

PT-2026-37555

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the CIFS component where cifs tcp ses lock was used to protect various objects, including tcon fields, instead of using more granular locks. This caused unnecessary...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock. The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...

CVE-2026-23226 ksmbd: add chann_lock to protect ksmbd_chann_list xarray

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add channlock to protect ksmbdchannlist xarray ksmbdchannlist xarray lacks synchronization, allowing use-after-free in multi-channel sessions between lookupchannlist and ksmbdchanndel. Adds rwsemaphore channlock to struct...

SUSE CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

UBUNTU-CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

CVE-2023-54152

Summary: CVE-2023-54152 affects the Linux kernel’s j1939 subsystem, where a deadlock could occur when performing data TP/ETP transfers and subscribing to the error queue during a net down event. Root cause: a call to j1939_sk_errqueue() was made inside the active_session_list_lock, which could in...

CVE-2023-54152 can: j1939: prevent deadlock by moving j1939_sk_errqueue()

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

CVE-2023-53867

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...

CVE-2023-53867 ceph: fix potential use-after-free bug when trimming caps

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session-scaplock' is released in cephiteratesessioncaps the cap maybe removed by another thread, and when using the stale cap...

PT-2025-52942

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Ceph subsystem related to capability trimming. Specifically, a use-after-free condition can occur when trimming capabilities after releasing t...

PT-2025-53229

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939 sk errqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving...

EUVD-2025-36988

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix recursive locking in RPC handle list access Since commit 305853cce3794 "ksmbd: Fix race condition in RPC handle list access", ksmbdsessionrpcmethod attempts to lock sess-rpclock. This causes hung connections / tasks wh...

CVE-2025-40090

CVE-2025-40090 concerns ksmbd in the Linux kernel. The vulnerability stems from a recursive locking issue: ksmbd_session_rpc_method() attempts to lock sess->rpc_lock, while a caller may already hold it for a write, causing a deadlock with ksmbd_rpc_open and related paths when a client opens a ...

EUVD-2024-45139

Malicious code in bioql PyPI...