4 matches found
UBUNTU-CVE-2025-21718
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
CVE-2025-21718 net: rose: fix timer races against user threads
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...
CVE-2025-21718
CVE-2025-21718 affects the Linux kernel Rose timer handling. The issue arises when Rose timers acquire only the socket spinlock and do not verify socket ownership, enabling a race against user threads. The described fix adds a socket ownership check and rearms timers as needed, addressing a KASAN...
CVE-2025-21718 net: rose: fix timer races against user threads
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...