CVE-2025-38017

CVE-2025-38017 affects the Linux kernel, specifically the fs/eventpoll path used by epoll_pwait2. After the fix in the commit described as setting epoll timeout when in the future, a non-zero timeout (e.g., 1 ns) could cause an endless busy loop if the timeout expires before ep_poll() is entered,...

CVE-2025-38017 fs/eventpoll: fix endless busy loop after timeout has expired

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 "eventpoll: Set epoll timeout if it's in the future", the following program would immediately enter a busy loop in the kernel: int main int e...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the pn532cmdtimeout timer not being removed resulting in reuse after release...

idm:DL1 security update

bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-18.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-18 - Set krbCanonicalName admin@REALM on the admin user Resolves: RHEL-89895 4.9.13-17 - kdb: keeep ipadbgetconnection from...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unset timeout flag, which could lead to an infinite loop...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the qla2xxx driver accessing an obsolete SRB during an I/O timeout, which could lead to a crash...

PT-2025-26024 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A crash in the Linux kernel has been resolved, related to the scsi: qla2xxx module. The issue occurs due to stale SRB access around I/O timeouts. To fix this, the code now ensures that...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add a step to move a job to the pending list if the reset operation was skipped. When a CL/CSD job times out, we check whether the GPU has made any progress since the last timeout. If so, instead of resetting the hardwar...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the warning "rxecleanup+0x12c/0x170 rdmarxe" The call trace is as follows: ? show regs.cold+0x1a/0x1f ? rxecleanup+0x12c/0x170 rdmarxe ? warn+0x84/0xd0 ? rxecleanup+0x12c/0x170 rdmarxe ? reportbug+0x105/0x180 ?...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access between the reset thread and the TM thread for reply queues. When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an inval...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pdscore: make waitcontext a full part of the qinfo structure, rather than a stack variable that disappears after pdscadminqpost is executed. This ensures that the context is still available after the wait loop has ended. There wa...

CVE-2025-5865

A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sysselect of the file rt-thread/components/lwp/lwpsyscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor...

CVE-2025-5865

A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sysselect of the file rt-thread/components/lwp/lwpsyscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor...

RT-Thread 安全漏洞

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that originates from the operation of the parameter timeout in the file rt-thread/components/lwp/lwpsyscall.c, which can be exploited by an attacker to...

PT-2025-24408 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread version 5.1.0 Description: A critical issue affects the sys select function of the Parameter Handler component in the file rt-thread/components/lwp/lwp syscall.c. The manipulation of the timeout argument leads to memory corruption...

The vulnerability of the null_timeout_rq() function in the drivers/block/null_blk/main.c module of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the nulltimeoutrq function in the drivers/block/nullblk/main.c module of the Linux kernel is related to a memory overflow issue. Exploiting this vulnerability could allow an attacker to cause a system failure...

CVE-2024-1563

An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. This vulnerability affects Focus for iOS 122...

CVE-2023-28440

Discourse is an open source platform for community discussion. In affected versions a maliciously crafted request from a Discourse administrator can lead to a long-running request and eventual timeout. This has the greatest potential impact in shared hosting environments where admins are untruste...

CVE-2023-28827

A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.5.20...

CVE-2023-21281

In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for...