CVE-2026-46047 net: qrtr: ns: Fix use-after-free in driver remove()

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove In the remove callback, if a packet arrives after destroyworkqueue is called, but before sockrelease, the qrtrnsdataready callback will try to queue the work, causing...

CVE-2026-43215 cifs: Fix locking usage for tcon fields

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the...

libwebp: Fix of 6 CVEs

CVE-2018-25009: fix out-of-bounds read in GetLE16 by validating VP8X chunk size - CVE-2018-25010: fix heap-based buffer overflow in ApplyFilter by limiting filter radius to image dimensions - CVE-2018-25011: fix heap-based buffer overflow in PutLE16 by rejecting multiple image chunks in ANMF...

CLSA-2026-1777973188 libwebp: Fix of 6 CVEs

CVE-2018-25009: fix out-of-bounds read in GetLE16 by validating VP8X chunk size - CVE-2018-25010: fix heap-based buffer overflow in ApplyFilter by limiting filter radius to image dimensions - CVE-2018-25011: fix heap-based buffer overflow in PutLE16 by rejecting multiple image chunks in ANMF...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access between the reset thread and the TM thread for reply queues. When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an inval...

Astra Linux - уязвимость в firefox

Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. This vulnerability affects Firefox 133 and Thunderbird 133...

CLSA-2026-1776421961 libwebp: Fix of 2 CVEs

CVE-2018-25013, CVE-2018-25014: wait for all threads to be done in DecodeRemaining, make sure partition 0 is read before VP8 data...

EUVD-2017-2660

Malware in sbrugna...

EUVD-2022-54923

Malicious code in bioql PyPI...

EUVD-2025-14090

Malicious code in bioql PyPI...

PT-2026-2506

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's HFS+ implementation related to concurrent operations involving sync and link. Specifically, the issue arises when multiple threads attempt to create a...

CVE-2025-38524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...

CVE-2025-38524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...

CVE-2025-47735

inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust lacks dropslow thread synchronization...

CVE-2025-37861

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

CVE-2025-37861

The CVE 2025-37861 pertains to the Linux kernel SCSI MPI3MR driver where the TM thread could process reply queues while the reset thread reinitializes them, causing an access to an invalid queue ID (0xFFFF) and a crash. The fix adds a synchronization flag io_admin_reset_sync. Before a reset, the ...

CVE-2025-37861 scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

wgp race condition in inner::drop

inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust lacks dropslow thread synchronization...

GHSA-2W4W-4385-VH4H wgp race condition in inner::drop

inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust lacks dropslow thread synchronization...

CVE-2025-47735

inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust lacks dropslow thread synchronization...