Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: fixed a race condition in mptcppmdeladdtimer The function mptcppmdeladdtimer may call skstoptimersyncsk, &entry-addtimer. It is reported by syzbot that there might already be a free entry. Add RCU protection to fix this...

CVE-2025-40257

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-;addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusi...

SUSE CVE-2025-40257

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusin...

CVE-2025-40257 mptcp: fix a race in mptcp_pm_del_add_timer()

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusin...

EUVD-2025-201200

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusin...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

kernel: tcp: properly terminate timers for kernel sockets

In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...

kernel: tcp: properly terminate timers for kernel sockets

In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...

SUSE CVE-2024-35910

In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test...

PT-2024-20330 · Unknown · Mediaserver

Name of the Vulnerable Software and Affected Versions: media-server version 1.0.0 Description: A Use-After-Free UAF issue was discovered in the sip uac stop timer function. This issue is related to the /uac/sip-uac-transaction.c file. Recommendations: For media-server version 1.0.0, consider...

The vulnerability of the `cyttsp4_stop_wd_timer()` function in the `drivers/input/touchscreen/cyttsp4_core.c` file of the touchscreen sensor driver for the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the cyttsp4stopwdtimer function in the drivers/input/touchscreen/cyttsp4core.c file of the Cypress TrueTouch Gen4 touchscreen driver for the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources race condition...