21 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007348)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007348 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock. Attempting to do sock_lock on .recvmsg may cause a deadlock as...
CVE-2022-50676
CVE-2022-50676: The issue is in the Linux kernel RDS path where cancel_delayed_work_sync() was placed under a section protected by lock_sock(), with rds_send_xmit()/rds_recv_worker() potentially calling lock_sock(). The fix removes the need to protect cancel_delayed_work_sync() with lock_sock(), ...
CVE-2022-50676 net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks(). syzbot is reporting lockdep warning at rds_tcp_reset_callbacks() [1], for commit ac3615e7f3cffe2a "RDS: TCP: Reduce code duplication in rds_tcp_reset_callbacks()"...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1223)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1223 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow CVE-2025-39877 In the Linux kernel, the following vulnerability has been...
EUVD-2024-53288
Malicious code in bioql PyPI...
AZL-69665 CVE-2025-23143 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. When I ran the repro [0] and waited a few seconds, I observed two LOCKDEP splats: a warning immediately followed by a null-ptr-deref. [1] Reproduction Steps: 1) Mount CIFS...
CVE-2025-23143
CVE-2025-23143 is a Linux kernel issue where unloading a module (e.g., CIFS/NFS) can race with a TCP socket still alive, leading to a NULL pointer dereference in lockdep when hlock_class() is called after the module is gone. The root cause is that CIFS assigns a different lock class to the socket...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference due to sock_lock_init_class_and_name() and rmmod...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-56640)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56640 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-fre...
SUSE CVE-2024-56640
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
PT-2025-49784
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a time-of-check to time-of-use (TOCTOU) issue that can lead to an out-of-bounds write. This occurs in the sctp diag dump function, which calls sctp for each...
CVE-2024-56640
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
AZL-55527 CVE-2024-56640 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
CVE-2024-56640
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
UBUNTU-CVE-2024-56640
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
CVE-2024-56640 net/smc: fix LGR and link use-after-free issue
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
CVE-2024-56640 net/smc: fix LGR and link use-after-free issue
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
CVE-2024-56640
CVE-2024-56640 affects the Linux kernel (net/smc) and describes a use-after-free caused by mismanaged refcount of LGRs/links. The issue manifests as refcount_t: addition on 0 or underflow during concurrent operations, leading to premature resource release and unsafe access. The root cause is repe...
CVE-2024-56640 net/smc: fix LGR and link use-after-free issue
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix LGR and link use-after-free issue. We encountered a LGR/link use-after-free issue, which manifested as the LGR/link refcnt reaching 0 early and entering the clear process, making resource access unsafe. refcount_t:...
GSD-2022-1007424 net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...