29 matches found
SUSE CVE-2026-46137
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137
A flaw was found in the Linux kernel, specifically within the Multipath TCP MPTCP implementation. The mptcppmaddtimer helper, which is executed as a timer callback, does not properly hold the socket lock when operating in a softirq context. This oversight can lead to a potential data race, which...
CVE-2026-46137
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
CVE-2026-46137 mptcp: pm: ADD_ADDR rtx: fix potential data-race
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘sched/fair: Make sure to try to detach at least one movable task’” This change is reflected in commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. The patch modifies the load balancing logic to ignore env.maxloop if all tas...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: fs: dlm: fixed use-after-free in midcomms commit While working on processing dlm messages in the softirq context, I encountered the following KASAN use-after-free warnings: 151.760477...
PT-2026-37393
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net: ioam6 component where an out-of-bounds access of the dev- tx array can occur when is input is true. This happens because skb get tx queue does not clamp the...
CVE-2026-23168
In the Linux kernel, the following vulnerability has been resolved: flexproportions: make fpropnewperiod hardirq safe Bernd has reported a lockdep splat from flexible proportions code that is essentially complaining about the following race: runtimersoftirq - we are in softirq context calltimerfn...
CVE-2026-23138
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
CVE-2026-23138
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
CVE-2026-23138 tracing: Add recursion protection in kernel stack trace recording
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37808)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37808 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993155)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993155 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq conte...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992292)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992292 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq conte...
PT-2025-53008
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where an invalid memory access can occur following fault injection in the update effective progs function. This issue arises when fault injection causes...
CVE-2025-40164 usbnet: Fix using smp_processor_id() in preemptible code warnings
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smpprocessorid in preemptible code warnings Syzbot reported the following warning: BUG: using smpprocessorid in preemptible 00000000 code: dhcpcd/2879 caller is usbnetskbreturn+0x74/0x490...
EUVD-2025-32786
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in midcomms commit While working on processing dlm message in softirq context I experienced the following KASAN use-after-free warning: 151.760477...
DEBIAN-CVE-2025-37808
In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq context through afalg, use spin locks instead of mutexes to protect the default null algorithm...
PT-2025-20337
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue concerned the null algorithm, which could be freed in the softirq context through af alg. To protect the default null...
DEBIAN-CVE-2022-49149
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start racing with call destruction The rxrpccall struct has a timer used to handle various timed events relating to a call. This timer can get started from the packet input routines that are run in softirq...