CVE-2026-46069

A flaw was found in the Linux kernel's mwifiex Wi-Fi driver. The mwifiexadaptercleanup function incorrectly uses a non-synchronous timer deletion, allowing the wakeuptimer callback to access memory after it has been freed. This use-after-free vulnerability can lead to system instability, crashes,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in timerdeletesync There are two paths to access mptcppmdeladdtimer, result in a race condition: CPU1 CPU2 ==== ==== netrxaction napipoll netlinksendmsg napipoll netlinkunicast processbacklog netlinkunicastkern...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013399)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013399 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in timerdeletesync There are two paths to access mptcppmdeladdtimer, result in...

CVE-2026-23281

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...

CVE-2026-23281

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix use-after-free in lbsfreeadapter The lbsfreeadapter function uses timerdelete non-synchronous for both commandtimer and txlockuptimer before the structure is freed. This is incorrect because timerdelete does n...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of asynchronous timer deletion. This vulnerability may lead to reuse of resources after...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004957 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel If an exiting...

CVE-2025-68757

In the Linux kernel, the following vulnerability has been resolved: drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timerdeletesync from fence-ops.release called on last dmafenceput. In some scenarios, it can run...

Linux Distros Unpatched Vulnerability : CVE-2025-68757

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vgem-fence: Fix potential deadlock on release A timer that expires a vgem fence automatically in 10 seconds is now released with timerdeletesync from...

CVE-2025-40257

CVE-2025-40257 affects the Linux kernel MPTCP path. The issue is a race in mptcp_pm_del_add_timer() where calling sk_stop_timer_sync could race with an already-freed entry, leading to use-after-free. The fix adds RCU protection and replaces the add_timer flag with a stop_timer boolean, as noted i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-384485)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-384485 advisory. In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv-timeout timer There may be some a race conditio...

AZL-76770 CVE-2023-53574 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtwcoredeinit', shrink critical section in the latter by freeing...

UBUNTU-CVE-2023-53574

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtwcoredeinit', shrink critical section in the latter by freeing...

EUVD-2022-55501

Malicious code in bioql PyPI...

RLSA-2025:15662 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to use a synchronization mechanism when deleting timers in the smpexecutetasksg function, which...

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...

CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer

In the Linux kernel, the following vulnerability has been resolved: mISDN: hfcpci: Fix warning when deleting uninitialized timer With CONFIGDEBUGOBJECTSTIMERS unloading hfcpci module leads to the following splat: 250.215892 ODEBUG: assertinit not available active state 0 object: ffffffffc01a3dc0...

CVE-2022-50251 mmc: vub300: fix return value check of mmc_add_host()

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...