CVE-2026-48066 pam_usb: Thread-unsafe static pointer in log.c causes data race under concurrent PAM authentication

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004215 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001141)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001141 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...

RHEL 5 : guile (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - guile: Thread-unsafe umask modification CVE-2016-8605 Note that Nessus has not tested for this issue but has instea...

SUSE CVE-2018-18338

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessib...

SUSE-SU-2020:1659-1 Security update for guile

This update for guile fixes the following issues: - CVE-2016-8605: Fixed thread-unsafe umask modification bsc1004221...

CVE-2019-3837

It was found that the netdma code in tcprecvmsg in the RHEL6 kernel is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg for the same network socket in parallel executed on ioatdma-enabled hardware with netdma enabled can leak the memory, crash the host leadin...

CVE-2019-3837

It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg for the same network socket in parallel executed on ioatdma-enabled hardware with netdma enabled can leak the memory,...

Memory corruption

It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg for the same network socket in parallel executed on ioatdma-enabled hardware with netdma enabled can leak the memory,...

CVE-2019-3837

It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg for the same network socket in parallel executed on ioatdma-enabled hardware with netdma enabled can leak the memory,...

UBUNTU-CVE-2019-3837

It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg for the same network socket in parallel executed on ioatdma-enabled hardware with netdma enabled can leak the memory,...

CVE-2019-3837

It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg for the same network socket in parallel executed on ioatdma-enabled hardware with netdma enabled can leak the memory,...

CVE-2019-3837

It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg for the same network socket in parallel executed on ioatdma-enabled hardware with netdma enabled can leak the memory,...

DEBIAN-CVE-2018-18338

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2018-18338

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE-SU-2017:0398-1 Security update for guile

This update for guile fixes the following issues: - CVE-2016-8605: Fixed thread-unsafe umask modification bsc1004221...

SUSE-SU-2017:0394-1 Security update for guile

This update for guile fixes the following issues: - CVE-2016-8605: Fixed thread-unsafe umask modification bsc1004221...

openSUSE Security Update : guile (openSUSE-2016-1235)

This update for guile fixes the following issues : - CVE-2016-8606: REPL server vulnerable to HTTP inter-protocol attacks bsc1004226. - CVE-2016-8605: Thread-unsafe umask modification bsc1004221. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

PYSEC-2009-12

The passwordchecker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service segmentation fault and crash via unknown vectors...