Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fixed a use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race condition: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx =...

EUVD-2025-30868

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39877

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs: fix use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race: CPU 0 CPU 1...

mm/damon/sysfs: fix use-after-free in state_show()

...

SUSE CVE-2025-39877

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx = kdamond-damonctx;...

CVE-2025-39877

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx = kdamond-damonctx;...

CVE-2025-39877

The CVE-2025-39877 issue is a Linux kernel use-after-free in mm/damon/sysfs: state_show() reads kdamond->damon_ctx without holding damon_sysfs_lock, allowing a UAF when damon_ctx is freed under damon_sysfs_lock. A fix mirrors pid_show() by taking damon_sysfs_lock before dereferencing the conte...

CVE-2025-39877 mm/damon/sysfs: fix use-after-free in state_show()

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx = kdamond-damonctx;...

CVE-2025-39877 mm/damon/sysfs: fix use-after-free in state_show()

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx = kdamond-damonctx;...

PT-2025-39134

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free condition within the state show function in the mm/damon/sysfs module. The function reads kdamond-damon ctx without acquiring the damon sysfs...

CVE-2025-39778 objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show()

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmetctrlstateshow The cstsstatenames array only has six sparse entries, but the iteration code in nvmetctrlstateshow iterates seven, resulting in a potential out-of-bounds stack...

kernel: extcon: Modify extcon device to be created after driver data is set

In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as stateshow intermittently before devsetdrvdata is done. And it can be a cause of kernel Oops because of edev is Nu...