23 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: Message: mptlan: Fixed a use-after-free bug in mptlanremove, due to a race condition. In mptlanprobe, mptregisterlandevice is called, which initializes the &priv-postbucketstask workqueue. A call to...
CVE-2026-45973
CVE-2026-45973 affects the Linux kernel’s RDMA/mlx5 driver. A race during firmware reset in LAG mode could cause the driver to hang indefinitely while waiting for UMR completion on device unload, because the master/bond device would miss slave sys_error events. The fix adds a sys_error notifier r...
CVE-2023-54310 scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition
In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlanremove due to race condition mptlanprobe calls mptregisterlandevice which initializes the &priv-postbucketstask workqueue. A call to mptlanwakepostbucketstask will subsequent...
CVE-2025-68617
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
CVE-2025-68617
FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990258)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990258 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ipset.ko...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990308)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990308 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting...
EUVD-2025-9378
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-32246
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...
UBUNTU-CVE-2023-32246
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...
CVE-2023-32246
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...
CVE-2023-32246 ksmbd: call rcu_barrier() in ksmbd_server_exit()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...
Linux Distros Unpatched Vulnerability : CVE-2025-38462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transportg2h,h2g TOCTOU vsockfindcid and vsockdevdoioctl may race with module...
Linux Distros Unpatched Vulnerability : CVE-2025-21943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gpio: aggregator: protect driver attr handlers against module unload Both newdevicestore and...
UBUNTU-CVE-2025-38461
In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: proc: Fixed a UAF in procgetinode. Fixed a race condition between rmmod and the instantiation of /proc/XXX’s inode. The bug is that pde-procops does not belong to /proc; it belongs to a module. Therefore, dereferencing it afte...
DEBIAN-CVE-2025-21802
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each aedev node from hnae3aedevlist. If user unloads hns3 driver at the time, because it removes all the aedev node...
UBUNTU-CVE-2025-21802
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each aedev node from hnae3aedevlist. If user unloads hns3 driver at the time, because it removes all the aedev node...
DEBIAN-CVE-2024-26859
In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in pagepool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logic could cause a race condition when...
DEBIAN-CVE-2024-26846
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting all controllers and freeing 'left over IDs'. To prevent double free a synchronization between nvmedeletectrl and idadestroy has bee...