16 matches found
kernel: Linux kernel: vsock vulnerability may lead to memory corruption
A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...
kernel: Linux kernel: vsock vulnerability may lead to memory corruption
A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...
CVE-2025-40248
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...
SUSE CVE-2025-40248
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...
CVE-2025-40248
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...
CVE-2025-40248 vsock: Ignore signal/timeout on connect() if already established
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...
EUVD-2025-201209
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...
CVE-2025-40248
CVE-2025-40248 affects the Linux kernel vsock connect path, where signaling/timeout handling can race with established sockets, potentially causing use-after-free, sockmap state issues and linger behavior. Public advisories (MGASA-2026-0018 and vendor advisories) confirm a fix in kernel versions ...
CVE-2025-40248
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...
CVE-2025-40248 vsock: Ignore signal/timeout on connect() if already established
In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...
Linux Distros Unpatched Vulnerability : CVE-2025-40248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads t...
EUVD-2025-5191
Malicious code in bioql PyPI...
PT-2025-49078
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s vsock implementation. Specifically, the issue arises when handling signals or timeouts during a connect operation on an already established socket...
CVE-2025-21747
In the Linux kernel, the following vulnerability has been resolved: drm/ast: astdp: Fix timeout for enabling video signal The ASTDP transmitter sometimes takes up to 1 second for enabling the video signal, while the timeout is only 200 msec. This results in a kernel error message. Increase the...
CVE-2025-21747
The CVE-2025-21747 entry concerns the Linux kernel DRM AST driver (drm/ast: astdp) where the video-signal enable path could trigger a kernel warning due to an insufficient timeout. Root cause: a timeout too short (200 ms) for enabling the ASTDP transmitter; the system may log a WARN_ON in ast_dp_...
CVE-2025-21747
In the Linux kernel, the following vulnerability has been resolved: drm/ast: astdp: Fix timeout for enabling video signal The ASTDP transmitter sometimes takes up to 1 second for enabling the video signal, while the timeout is only 200 msec. This results in a kernel error message. Increase the...