527 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unchecked ordered work queue assignment return value that could result in a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clean up the ring interrupt work queue and affinity on a load failure, which could lead to...
CVE-2025-68323
CVE-2025-68323 concerns a Linux kernel use-after-free in usb: typec: ucsi (uec->work). The issue arises when a delayed work item scheduled in gaokun_ucsi_probe() is not canceled on gaokun_ucsi_remove(), allowing use-after-free of ucsi/gaokun_ucsi structures while a worker may still run or be q...
CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
SUSE CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
Linux Distros Unpatched Vulnerability : CVE-2023-53799
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is...
EUVD-2023-60107
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
DEBIAN-CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
UBUNTU-CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
CVE-2023-53799 crypto: api - Use work queue in crypto_destroy_instance
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
CVE-2023-53799
CVE-2023-53799 affects the Linux kernel crypto subsystem where crypto_destroy_instance could free an instance in atomic context if the last user unregisters while active. Root cause: crypto_drop_spawn may be invoked outside process context, risking atomic-context frees. Fix: defer the freeing to ...
CVE-2023-53799 crypto: api - Use work queue in crypto_destroy_instance
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a work queue leak in drm/msm on a bind error...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from cryptodestroyinstance not releasing an instance in the work queue, which could lead to post-release reuse in...
PT-2025-49659
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the crypto API related to instance destruction. The crypto drop spawn function is designed to operate within a process context, but it can be triggere...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly freeing the work queue of a background tracker, which could lead to a memory leak...
CVE-2025-40249
The CVE-2025-40249 issue affects the Linux kernel GPIO character device (gpio cdev). The release path can defer the fput() action to a work queue while the descriptor’s reference count already reached zero, risking a use-after-free if get_file() is used. The documented fix is to use get_file_acti...