Node.js 安全漏洞

Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source. A security vulnerability exists in Node.js versions 20, 22, and 23 that stems from the diagnosticschannel tool that can hook a worker thread to create an event, allowing an attacker to obtain an...

AZL-63039 CVE-2025-21521 affecting package mysql for versions less than 8.0.40-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols ...

UBUNTU-CVE-2025-21521

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols ...

PT-2025-4247 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.39 and prior MySQL Server versions 8.4.2 and prior MySQL Server versions 9.0.1 and prior Description: The vulnerability in the MySQL Server product of Oracle MySQL, specifically in the Server: Thread Pooling componen...

CVE-2025-21633

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-21633

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-21633

...

CVE-2025-21633

CVE-2025-21633 appears in multiple advisories as part of the Linux kernel fixes: MiracleLinux AXSA:2025-10431:39 for kernel 5.14.0-570.16.1.el9_6 (remote kernel io_uring sqpoll path) and is listed among kernels in Rocky Linux 10, AlmaLinux 9/10, RHEL 9/10/Oracle Linux advisories. The described is...

PT-2025-9007

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel's hrtimers infrastructure allows wakeups to be performed by an outgoing CPU after the CPUHP AP HRTIMERS DYING stage, potentially resulting in bandwidt...

SUSE CVE-2024-57896

In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at closectree, we first stop the cleaner kthread, using kthreadstop which frees the associated taskstruct, and then stop...

DEBIAN-CVE-2024-57896

In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at closectree, we first stop the cleaner kthread, using kthreadstop which frees the associated taskstruct, and then stop...

DEBIAN-CVE-2024-39282

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix FSM command timeout issue When driver processes the internal state change command, it use an asynchronous thread to process the command operation. If the main thread detects that the task has timed out, the...

CVE-2024-39282 net: wwan: t7xx: Fix FSM command timeout issue

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix FSM command timeout issue When driver processes the internal state change command, it use an asynchronous thread to process the command operation. If the main thread detects that the task has timed out, the...

CVE-2024-39282

CVE-2024-39282 : Linux kernel vulnerability in net: wwan: t7xx where the FSM command timeout handling can lead to a fault when an asynchronous worker finishes after the main thread releases its completion object. The issue manifests as a page fault (CR2 fffffffffffffff8) in complete_all during FS...

CVE-2024-39282 net: wwan: t7xx: Fix FSM command timeout issue

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: Fix FSM command timeout issue When driver processes the internal state change command, it use an asynchronous thread to process the command operation. If the main thread detects that the task has timed out, the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not stopping cleaner kthread first during uninstallation.No details of the vulnerability are available at th...

The vulnerability of the Intel QuickAssist (Intel QAT Engine for OpenSSL) driver package, related to improper flow management, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the Intel QuickAssist Driver Package Intel QAT Engine for OpenSSL is related to improper handling of threads. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

PT-2026-2936

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description A race condition exists in the serial channel IRP thread tracking of FreeRDP, potentially leading to a heap use-after-free. This occurs when one thread removes an entry from serial-IrpThreads while...

CVE-2024-56788

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: oatc6: fix tx skb race condition between reference pointers There are two skb pointers to manage tx skb's enqueued from n/w stack. waitingtxskb pointer points to the tx skb which needs to be processed and...

SUSE CVE-2024-56623

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpcthread to terminate UNLOADING flag and kthreadstop. On setting the UNLOADING flag whe...