UBUNTU-CVE-2025-40047

In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

CVE-2025-40047 io_uring/waitid: always prune wait queue entry in io_waitid_wait()

In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

EUVD-2025-36481

In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

CVE-2025-40047

In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

CVE-2025-40047 io_uring/waitid: always prune wait queue entry in io_waitid_wait()

In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

CVE-2025-40047

CVE-2025-40047 affects the Linux kernel io_uring waitid path. The root cause was a race where a wait queue entry could remain due to cancellation in progress, leading to missed cleanup. The connected advisories confirm the fix as: always prune the wait queue entry in io_waitid_wait() on successfu...

Linux Distros Unpatched Vulnerability : CVE-2025-40047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this w...

EUVD-2017-6430

Malware in sbrugna...

PT-2025-44115

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s io uring/waitid functionality. Specifically, the io waitid wait function did not consistently remove its entry from the wait queue entry list upon a...

SUSE CVE-2017-5123

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...

SUSE CVE-2017-14954

The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call...

CVE-2017-5123

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...

DEBIAN-CVE-2017-5123

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...

Input validation

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...

CVE-2017-5123

CVE-2017-5123 is a Linux kernel local privilege-escalation vulnerability in the waitid path. The waitid handler in kernel/exit.c writes to user memory by calling unsafe_put_user without performing an access_ok() check, and without wrapping user-space writes in the required user_access_begin()/use...

CVE-2017-5123

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...

CVE-2017-5123

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux...

Exploit for Improper Input Validation in Linux Linux_Kernel

CVE-2017-5123 PoC CVE-2017-5123 - LPE - Bypassing SMEP/SMAP. N...

Ubuntu 17.10 : linux, linux-raspi2 vulnerabilities (USN-3487-1)

It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2017-12188 It was...

USN-3487-1: Linux kernel vulnerabilities

It was discovered that the KVM subsystem in the Linux kernel did not properly keep track of nested levels in guest page tables. A local attacker in a guest VM could use this to cause a denial of service host OS crash or possibly execute arbitrary code in the host OS. CVE-2017-12188 It was...