12 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31541
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing: Fix tracemarker copy link list updates When the copytracemarker option is enabled for an instance, anything written into /sys/kernel/tracing/tracemarke...
CVE-2026-23450
CVE-2026-23450 (Linux kernel): The issue stems from a race in the SMC TCP path (net/smc) where, during close of an SMC listen socket, sk_user_data can be NULL or the smc_sock freed, causing a NULL dereference or use-after-free in smc_tcp_syn_recv_sock() when accessed under rcu/protected context. ...
CVE-2026-23450
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock 1. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP listening...
CVE-2023-54271
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...
kernel: i40e: fix race condition by adding filter's intermediate sync state
In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multip...
DEBIAN-CVE-2024-37354
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfssetitemkeysafe: BTRFS critical device vdb: slot 4 key 450 108 8192 new key 450 108 8192 ------------ cu...
SUSE CVE-2021-47335
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsyncentryslab by multi filesystem instances As syzbot reported, there is an use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 in kfence-10:...
PT-2023-3846 · Microsoft · Windows Clip Service +1
Name of the Vulnerable Software and Affected Versions: Windows Clip Service affected versions not specified Description: The issue is related to synchronization errors in the Windows Clip Service, specifically a race condition. This could allow an attacker to elevate their privileges...
PT-2023-1777 · Microsoft · Windows Brokerinfrastructure Service +1
Name of the Vulnerable Software and Affected Versions: Windows BrokerInfrastructure Service affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows BrokerInfrastructure Service. It is caused by synchronization errors when using a...
PT-2022-7702 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the simultaneous execution of commands using a shared resource with incorrect synchronization in the Linux kernel's drm/vmwgfx component. This can lead to a cra...
PT-2022-2595 · Microsoft · Windows Point-To-Point Tunneling Protocol +1
Name of the Vulnerable Software and Affected Versions: Windows Point-to-Point Tunneling Protocol affected versions not specified Description: The issue is related to the implementation of the Point to Point Tunneling Protocol PPTP in Windows operating systems, specifically concerning errors in...
kernel: Heap out-of-bounds read in AF_PACKET sockets
A race condition issue was found in the way the raw packet socket implementation in the Linux kernel networking subsystem handled synchronization. A local user able to open a raw packet socket requires the CAPNETRAW capability could use this to waste resources in the kernel's ring buffer or...