SUSE CVE-2026-43227

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/shtmu: Always leave device running after probe The TMU device can be used as both a clocksource and a clockevent provider. The driver tries to be smart and power itself on and off, as well as enabling and...

CVE-2025-40257

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusin...

CVE-2025-38105

CVE-2025-38105 concerns the Linux kernel ALSA USB audio path. The issue arises when the USB-audio MIDI driver’s timer is initialized but the driver is freed without an explicit disconnect, potentially leaving an active timer and triggering a kernel warning under debug builds. The documented fix i...

CVE-2022-50005 nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fix use-after-free bugs caused by pn532cmdtimeout When the pn532 uart device is detaching, the pn532uartremove is called. But there are no functions in pn532uartremove that could delete the cmdtimeout timer, which wil...

CVE-2023-53094 tty: serial: fsl_lpuart: fix race on RX DMA shutdown

In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown: : : lpuart32shutdown lpuartdmashutdown deltimersync lpuartdmarxcomplete lpuartcopyrxtotty modtimer...

CVE-2022-49305

In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fix deadlock in ieee80211beaconsstop There is a deadlock in ieee80211beaconsstop, which is shown below: Thread 1 | Thread 2 | ieee80211sendbeacon ieee80211beaconsstop | modtimer spinlockirqsave //1 |...

CVE-2024-53160

CVE-2024-53160 : The MiracleLinux advisory confirms a Linux kernel data-race in rcu/kvfree between __mod_timer/kvfree_call_rcu and kfree_rcu_monitor. The fix acquires krcp->lock in kfree_rcu_monitor to ensure both functions do not race when updating krcp->monitor_work.timer.expires, address...

kernel: mptcp: pm: Fix uaf in __timer_delete_sync

A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...

CVE-2024-26654 ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedule the spudmawork and the spudmawork could also arm the dreamcastcard-timer. When the sndpcmsubstream is closing, the aicachannel wi...

GLSA-200805-18 : Mozilla products: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200805-18 Mozilla products: Multiple vulnerabilities The following vulnerabilities were reported in all mentioned Mozilla products: Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren, and Paul Nickerson reported browser...