CVE-2022-49149 rxrpc: Fix call timer start racing with call destruction

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start racing with call destruction The rxrpccall struct has a timer used to handle various timed events relating to a call. This timer can get started from the packet input routines that are run in softirq...

CVE-2022-49149

The CVE-2022-49149 issue concerns the Linux kernel’s rxrpc timer race: a timer in the rxrpc_call structure can be started from packet input paths running under softirq with only the RCU read lock held. This allowed a call to be destroyed concurrently with timer start, potentially restarting a tim...

CVE-2022-49087

The CVE-2022-49087 entry documents a race in Linux kernel networking code: rxrpc_exit_net() may exit while rxnet->peer_keepalive_timer is still armed, allowing a use-after-free via the rxrpc_peer_keepalive_timeout path. A fix was committed to address this race (in the kernel and mirrored in As...

CVE-2022-49087 rxrpc: fix a race in rxrpc_exit_net()

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix a race in rxrpcexitnet Current code can lead to the following race: CPU0 CPU1 rxrpcexitnet rxrpcpeerkeepaliveworker if rxnet-live rxnet-live = false; deltimersync&rxnet-peerkeepalivetimer;...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to cancel a timer in the scosockconnect function, resulting in reuse after release...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an exit in rxrpcexitnet while peerkeepalivetimer is still active, which could lead to reuse after release...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the timercycleus value of rzg2lwdt may be zero due to a 32-bit overflow, resulting in an invalid timeout val...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a call timer start and call destroy contention...

WordPress plugin Countdown Timer for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not using deltimersync before release...

PT-2025-8321 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A 32bit overflow issue has been identified in the Linux kernel, specifically in the watchdog component rzg2l wdt. The issue arises when the value of timer cycle us can be 0 due to the...

USN-7289-3 linux-ibm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

CVE-2025-26938

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Countdown Timer countdown-time allows Stored XSS.This issue affects Countdown Timer: from n/a through = 1.2.6...

CVE-2025-26938

CVE-2025-26938 is a stored XSS in the Countdown Timer block for WordPress (Countdown Timer plugin). It affects version 1.2.6 and earlier (Authenticated: Contributor+). The issue arises during countdown display, allowing input neutralization failures in the block’s rendering. A patch exists in 1.2...

CVE-2025-26938 WordPress Countdown Timer block plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Countdown Timer countdown-time allows Stored XSS.This issue affects Countdown Timer: from n/a through = 1.2.6...

CVE-2025-26938 WordPress Countdown Timer block plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Countdown Timer countdown-time allows Stored XSS.This issue affects Countdown Timer: from n/a through = 1.2.6...

USN-7289-2 linux-azure-5.15, linux-azure-fde-5.15, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

PT-2025-7856 · Unknown · Bplugins Countdown Timer

Name of the Vulnerable Software and Affected Versions: bPlugins Countdown Timer versions 1.2.6 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability. This allows for Stored XSS attacks...

WordPress plugin Countdown Timer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

openSUSE Security Advisory (SUSE-SU-2024:0444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...