UBUNTU-CVE-2025-39742

In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask The function divides number of online CPUs by numcoresiblings, and later checks the divider by zero. This implies a possibility to get and divide-by-zero runtime error...

CVE-2025-39742

CVE-2025-39742 - RDMA: hfi1 divide-by-zero in find_hw_thread_mask() (Linux kernel) Affects: Linux kernel RDMA hfi1 path; vulnerability arises from dividing the number of online CPUs by num_core_siblings, followed by a zero-division check. Root cause: division performed before validating the divis...

CVE-2025-39742 RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()

In the Linux kernel, the following vulnerability has been resolved: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask The function divides number of online CPUs by numcoresiblings, and later checks the divider by zero. This implies a possibility to get and divide-by-zero runtime error...

mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

ROS-20250910-03

Vulnerability of Poppler PDF rendering library is related to lack of object threads cleanup PDF when cairodebugresetstaticdata is called. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...

EulerOS 2.0 SP12 : perl (EulerOS-SA-2025-2051)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Perl threads have a working directory race condition where file operations may target unintended paths.If a directory handle is open at thread...

Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2025-2051)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : perl (EulerOS-SA-2025-2020)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Perl threads have a working directory race condition where file operations may target unintended paths.If a directory handle is open at thread...

rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access

...

CVE-2025-39726

Technical details about CVE-2025-39726 are not publicly provided in the connected documents. The entries reference the CVE but do not describe affected products, versions, root cause, exploits, or fixes here. Monitor for updates.

SUSE CVE-2025-38703

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Make dma-fences compliant with the safe access rules Xe can free some of the data pointed to by the dma-fences it exports. Most notably the timeline name can get freed if userspace closes the associated submit queue. At t...

SUSE CVE-2025-38704

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

Pixar OpenUSD Sdf_PathNode Module Use-After-Free Vulnerability Leading to Potential Remote Code Execution

Summary A Use-After-Free UAF vulnerability has been discovered in the SdfPathNode module of the Pixar OpenUSD library. This issue occurs during the deletion of the SdfPrimPathNode object in multi-threaded environments, where freed memory is accessed. This results in segmentation faults or bus...

DEBIAN-CVE-2025-38704

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

AZL-66893 CVE-2025-38704 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

UBUNTU-CVE-2025-38704

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

UBUNTU-CVE-2025-38696

In the Linux kernel, the following vulnerability has been resolved: MIPS: Don't crash in stacktop for tasks without ABI or vDSO Not all tasks have an ABI associated or vDSO mapped, for example kthreads never do. If such a task ever ends up calling stacktop, it will derefence the NULL ABI pointer...

CVE-2025-38704

CVE-2025-38704: In the Linux kernel, a bug in rcu/nocb could access an invalid nocb_cb_kthread pointer during CPU online/offline cycles. The fix changes the safety check to use rdp->nocb_gp_kthread instead of rdp_gp->nocb_gp_kthread. Public advisories from SUSE (SUSE-SU-2026:20220-1, openSU...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.4.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

...

fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats

...