70 matches found
CVE-2025-58142
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
ALSA: usb-audio: Kill timer properly at removal
...
RLSA-2025:11456 Moderate: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 kernel: net: ch9200: fix uninitialised access during...
CVE-2025-38105
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Kill timer properly at removal The USB-audio MIDI code initializes the timer, but in a rare case, the driver might be freed without the disconnect call. This leaves the timer in an active state while the assigned...
CVE-2020-11175
u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in...
CVE-2025-21825 bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT
In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpftimer through kworker for PREEMPTRT During the update procedure, when overwrite element in a pre-allocated htab, the freeing of oldelement is protected by the bucket lock. The reason why the bucket lock...
SUSE CVE-2022-49303
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192eu: Fix deadlock in rtwjoinbsseventprehandle There is a deadlock in rtwjoinbsseventprehandle, which is shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle| modtimer spinlockbh //1 | wait ...
SUSE CVE-2022-49309
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix deadlock in rtwsurveydoneeventcallback There is a deadlock in rtwsurveydoneeventcallback, which is shown below: Thread 1 | Thread 2 | settimer rtwsurveydoneeventcallback| modtimer spinlockbh //1 |...
DEBIAN-CVE-2022-49305
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fix deadlock in ieee80211beaconsstop There is a deadlock in ieee80211beaconsstop, which is shown below: Thread 1 | Thread 2 | ieee80211sendbeacon ieee80211beaconsstop | modtimer spinlockirqsave //1 |...
UBUNTU-CVE-2022-49303
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192eu: Fix deadlock in rtwjoinbsseventprehandle There is a deadlock in rtwjoinbsseventprehandle, which is shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle| modtimer spinlockbh //1 | wait ...
CVE-2022-49313
In the Linux kernel, the following vulnerability has been resolved: drivers: usb: host: Fix deadlock in oxubussuspend There is a deadlock in oxubussuspend, which is shown below: Thread 1 | Thread 2 | timeraction oxubussuspend | modtimer spinlockirq //1 | wait a time ... | oxuwatchdog deltimersync...
CVE-2024-53160
In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...
CVE-2024-53160 rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu
In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...
Unspecified vulnerability in Linux kernel (CNVD-2024-40279)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle timers when handling timer interrupts. No details of the vulnerability are...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly handle timers when handling timer interrupts. No details of the vulnerability are...
SUSE CVE-2021-47396
In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late e.g. due to vCPU scheduling, as reported b...
CVE-2021-47396 mac80211-hwsim: fix late beacon hrtimer handling
In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our handling of the hrtimer here is wrong: If the timer fires late e.g. due to vCPU scheduling, as reported b...
SUSE CVE-2018-17468
Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page...