Lucene search

4525 matches found

OSV
added 2025/04/16 2:12 p.m. | 9 views

CVE-2025-22074 ksmbd: fix r_count dec/increment mismatch

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix r_count dec/increment mismatch. r_count is only increased when there is an oplock break wait, so r_count inc/decrement are not paired. This can cause r_count to become negative, which can lead to a problem where the ksmbd...

CVSS 5.5 | AI score 6 | EPSS 0.00165
Exploits: 0 | References: 8

CVE
added 2025/04/16 2:12 p.m. | 125 views

CVE-2025-22053

The CVE-2025-22053 issue affects the Linux kernel’s ibmveth driver, specifically the veth_pool_store path. The root cause is a race/synchronization gap allowing two or more threads to enter veth_pool_store concurrently (via /sys/devices/vio/30000002/pool*/), which could lead to a hang. The provi...

CVSS 5.5 | AI score 6.5 | EPSS 0.00125
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2025/04/16 2:11 p.m. | 6 views

CVE-2025-22024 nfsd: fix management of listener transports

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix management of listener transports. Currently, when no active threads are running, a root user using the nfsdctl command can try to remove a particular listener from the list of previously added ones, then start the server by...

CVSS 5.5 | AI score 6.1 | EPSS 0.00161
Exploits: 0 | References: 7

CNNVD
added 2025/04/16 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mismatch between r_count increment and decrement in ksmbd, which could lead to negative counting and thread...

CVSS 5.5 | AI score 6.4 | EPSS 0.00165
Exploits: 0 | References: 5

Snyk
added 2025/04/15 9:21 p.m. | 2 views

Allocation of Resources Without Limits or Throttling

Overview: xgrammar is an Efficient, Flexible and Portable Structured Generation. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in threadsafecache.h, which can be populated by an indefinitely large number of entries corresponding to each new...

CVSS 7.1 | AI score 6.9 | EPSS 0.00409
Exploits: 0 | References: 3

RedHat Linux
added 2025/04/14 1:35 a.m. | 24 views

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 6.2 | AI score 6.9 | EPSS 0.00349
Exploits: 0 | References: 3

BDU FSTEC
added 2025/04/14 12:0 a.m. | 10 views

The vulnerability of the sched_ext component of the pick_task_scx function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the sched_ext component in the pick_task_scx function of the Linux operating system is related to mutual blocking of execution threads. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

CVSS 4.8 | AI score 6.8 | EPSS 0.00132
Exploits: 0 | References: 8 | Affected Software: 3

BDU FSTEC
added 2025/04/14 12:0 a.m. | 7 views

The vulnerability of the rescuerthread() function in the kernel/workqueue.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the rescuerthread function in the kernel/workqueue.c module of the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of th...

CVSS 7.8 | AI score 7.1 | EPSS 0.00214
Exploits: 0 | References: 12 | Affected Software: 5

Positive Technologies
added 2025/04/14 12:0 a.m. | 2 views

PT-2025-18458

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue has been resolved in the Linux kernel, specifically in the ksmbd component. The problem occurs when the ksmbd connection is referenced after the ksmbd server threa...

CVSS 7.8 | AI score 6.6 | EPSS 0.00153
Exploits: 0

AlpineLinux
added 2025/04/10 9:15 p.m. | 3 views

CVE-2025-29917

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...

CVSS 6.2 | AI score 7.1 | EPSS 0.0022
Exploits: 0 | References: 3

Microsoft CVE
added 2025/04/09 7:0 a.m. | 3 views

media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread

...

CVSS 5.5 | AI score 7.4 | EPSS 0.00205
Exploits: 0

OSV
added 2025/04/07 8:44 p.m. | 17 views

CVE-2025-32032 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan,...

CVSS 7.5 | AI score 6.5 | EPSS 0.00483
Exploits: 0 | References: 5

BDU FSTEC
added 2025/04/03 12:0 a.m. | 4 views

The vulnerability of the pktgen_thread_worker() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the pktgen_thread_worker function in the Linux operating system’s kernel is related to insufficient resource locking. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.4 | EPSS 0.00201
Exploits: 0 | References: 7 | Affected Software: 2

Vulnrichment
added 2025/04/01 3:40 p.m. | 2 views

CVE-2025-21918 usb: typec: ucsi: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access. Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

AI score 7.6 | EPSS 0.00176
Exploits: 0 | References: 5

Cvelist
added 2025/04/01 3:40 p.m. | 11 views

CVE-2025-21918 usb: typec: ucsi: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix NULL pointer access. Resources should be released only after all threads that utilize them have been destroyed. This commit ensures that resources are not released prematurely by waiting for the associated...

EPSS 0.00176
Exploits: 0 | References: 5

Snyk
added 2025/04/01 6:32 a.m. | 2 views

Improper Resource Shutdown or Release

Overview: openai-model-registry is a Registry for OpenAI models with capability and parameter validation. Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the registry cleanup routine and network request handling function. An attacker can exploit resourc...

CVSS 6.9 | AI score 7.1
Exploits: 0 | References: 3

Veracode
added 2025/03/28 4:30 a.m. | 7 views

Denial Of Service (DoS)

Aim is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper thread management: the ScheduledStatusReporter object runs on the main thread of the tracking server, blocking it indefinitely and preventing it from responding to requests...

CVSS 7.5 | AI score 7 | EPSS 0.00588
Exploits: 1 | References: 4 | Affected Software: 1

SUSE CVE
added 2025/03/28 3:37 a.m. | 3 views

SUSE CVE-2023-53031

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section. Current imc-pmu code triggers a WARNING with CONFIG_DEBUG_ATOMIC_SLEEP and CONFIG_PROVE_LOCKING enabled, while running a thread_imc event. Command to trigger the warning: perf...

CVSS 5.5 | AI score 6.7 | EPSS 0.00128
Exploits: 0 | References: 6

OSV
added 2025/03/27 8:8 p.m. | 13 views

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

CVSS 7.8 | AI score 6.7 | EPSS 0.00875
Exploits: 2 | References: 109

Cvelist
added 2025/03/27 4:37 p.m. | 6 views

CVE-2023-52930 drm/i915: Fix potential bit_17 double-free

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential bit_17 double-free. A userspace with multiple threads racing I915_GEM_SET_TILING to set the tiling to I915_TILING_NONE could trigger a double free of the bit_17 bitmask. Or conversely leak memory on the transition...

EPSS 0.00246
Exploits: 0 | References: 4