4650 matches found
SUSE CVE-2025-38717
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
AZL-70783 CVE-2025-38717 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
AZL-66887 CVE-2025-38717 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
DEBIAN-CVE-2025-38717
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
UBUNTU-CVE-2025-38717
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
CVE-2025-38717 net: kcm: Fix race condition in kcm_unattach()
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
CVE-2025-38717
CVE-2025-38717 – net/kcm race condition (Linux kernel) : Syzbot observed a race between kcm_unattach(psock) and kcm_release(kcm). The bug stems from a missing check of the flag kcm->tx_stopped before queue_work(), which can allow requeuing kcm->tx_work between cancel_work_sync() and unreser...
CVE-2025-38717 net: kcm: Fix race condition in kcm_unattach()
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
f2fs: fix to avoid UAF in f2fs_sync_inode_meta()
...
Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'
...
usb: typec: fix potential array underflow in ucsi_ccg_sync_control()
...
kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...
Bluetooth: hci_conn: Use disable_delayed_work_sync
...
Linux Distros Unpatched Vulnerability : CVE-2020-10185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside...
PT-2025-46753
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to file system quotas. A kernel panic can occur when the panic on warn setting is enabled, specifically during writeback operations triggered by ...
CVE-2025-50986
diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting XSS vulnerabilities in its administrative settings interface. Various configuration fields such as ESHOST, ESINDEXREFRESH, ESPORT, ESSCROLLSIZE, ESTRANSLOGSIZE, ESTRANSLOGSYNCINT, EXCLUDESFILES, FILETYPES,...
CVE-2025-55177
Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device. We...
CLSA-2025-1756409662 xorg-x11-server: Fix of 8 CVEs
CVE-2025-26594: refuse to free the root cursor and keep its ref - CVE-2025-26595: fix buffer overflow in XkbVModMaskText - CVE-2025-26596: xkb: fix computation of XkbSizeKeySyms - CVE-2025-26597: xkb: fix buffer overflow in XkbChangeTypesOfKey - CVE-2025-26598: Xi: Fix barrier device search -...
CLSA-2025-1756408410 xorg-x11-server: Fix of 8 CVEs
CVE-2025-26594: refuse to free the root cursor and keep its ref - CVE-2025-26595: fix buffer overflow in XkbVModMaskText - CVE-2025-26596: xkb: fix computation of XkbSizeKeySyms - CVE-2025-26597: xkb: fix buffer overflow in XkbChangeTypesOfKey - CVE-2025-26598: Xi: Fix barrier device search -...
CVE-2025-50986
diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting XSS vulnerabilities in its administrative settings interface. Various configuration fields such as ESHOST, ESINDEXREFRESH, ESPORT, ESSCROLLSIZE, ESTRANSLOGSIZE, ESTRANSLOGSYNCINT, EXCLUDESFILES, FILETYPES,...