CVE-2025-23134

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take registermutex with copyfrom/touser The infamous mmaplock taken in copyfrom/touser can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the case of ALSA timer...

DEBIAN-CVE-2025-23134

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take registermutex with copyfrom/touser The infamous mmaplock taken in copyfrom/touser can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the case of ALSA timer...

UBUNTU-CVE-2025-23134

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take registermutex with copyfrom/touser The infamous mmaplock taken in copyfrom/touser can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the case of ALSA timer...

CVE-2025-23134 ALSA: timer: Don't take register_mutex with copy_from/to_user()

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take registermutex with copyfrom/touser The infamous mmaplock taken in copyfrom/touser can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the case of ALSA timer...

CVE-2025-23134 ALSA: timer: Don't take register_mutex with copy_from/to_user()

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take registermutex with copyfrom/touser The infamous mmaplock taken in copyfrom/touser can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the case of ALSA timer...

CVE-2025-23134 ALSA: timer: Don't take register_mutex with copy_from/to_user()

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take registermutex with copyfrom/touser The infamous mmaplock taken in copyfrom/touser can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the case of ALSA timer...

CVE-2025-23134

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take registermutex with copyfrom/touser The infamous mmaplock taken in copyfrom/touser can be often problematic when it's called inside another mutex, as they might lead to deadlocks. In the case of ALSA timer...

CVE-2025-23134

CVE-2025-23134 affects the Linux kernel ALSA timer code. The vulnerability stems from taking mmap_lock while inside a mutex-wrapped copy_from/to_user() via the pattern guard(mutex)(&register_mutex). This can lead to deadlocks when copy_from/to_user() is invoked under the register_mutex, particula...

CVE-2025-22077

CVE-2025-22077 relates to the Linux kernel CIFS/SMB client TCP timer deadlock fix. The description explains that a prior patch intended to fix a null-pointer dereference (related to CVE-2024-54680) was reverted, which in turn revived a real issue with TCP sockets for CIFS connections. The root ca...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ALSA timer performing a copyfrom/touser operation while holding registermutex, which could result in a...

PT-2025-38570

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free vulnerability within the brcmfmac module related to the handling of the brcmf btcoex info workqueue. Specifically, the brcmf btcoex detach...

PT-2025-38566

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the ptp ocp watchdog function. The ptp ocp detach function only shuts down the watchdog timer if it is pending. If the timer handl...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...

The vulnerability of the pc_clock_settime() function in the kernel/time/posix-clock.c module of the Linux kernel’s timer subsystem allows a hacker to cause a system failure.

The vulnerability of the pcclocksettime function in the kernel/time/posix-clock.c module of the Linux timer subsystem is related to insufficient checking of exceptional conditions. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2025-25849

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the scsi: target: iscsi component. The issue occurs when the NOPIN response timer expires on a deleted connection,...

OESA-2025-1408 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-52927: netfilter: allow exp not to be removed in nfctfindexpectation bsc1239644. CVE-2024-35910: tcp: properly terminate timers for kernel sockets...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237918. CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238919...

CVE-2024-11180

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer Widget ekitcountdowntimertitle parameter in all versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for...

The vulnerability of the ps CancelTimer() function in the Linux kernel Bluetooth driver allows a hacker to trigger a service failure.

The vulnerability of the ps CancelTimer function in the Linux kernel Bluetooth driver is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a attacker to cause a service failure...