19 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fixed the potential deadlock. When some client process A calls pdraddlookup to add a lookup for the service and performs scheduling-related tasks, another process B receives a new server packet indicating that the...
EUVD-2026-19198
In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini After canceldelayedworksync is called from xfrmnatkeepalivenetfini, xfrmstatefini flushes remaining states via xfrmstatedelete, which calls...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992530)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992530 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a work scheduling contention condition that could lead to a reference counting error...
SUSE CVE-2023-53153
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext Key information in wext.connect is not reset on reconnect and can hold data from a previous connection. Reset key data to avoid that drivers or mac80211 incorrectly detect a WEP...
UBUNTU-CVE-2025-22014
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...
CVE-2025-22014 soc: qcom: pdr: Fix the potential deadlock
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...
UBUNTU-CVE-2024-58042
In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedulework outside lock Move the hash table growth check and work scheduling outside the rht lock to prevent a possible circular locking dependency. The original implementation could...
CVE-2024-58042
In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedulework outside lock Move the hash table growth check and work scheduling outside the rht lock to prevent a possible circular locking dependency. The original implementation could...
CVE-2024-58042
CVE-2024-58042 relates to the Linux kernel and fixes a potential deadlock in rhashtable growth logic. The original implementation could trigger a deadlock chain involving nested locks between the rhashtable bucket, rq lock, and dsq lock. The fix moves the hash table growth check and work scheduli...
CVE-2024-58042 rhashtable: Fix potential deadlock by moving schedule_work outside lock
In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedulework outside lock Move the hash table growth check and work scheduling outside the rht lock to prevent a possible circular locking dependency. The original implementation could...
SUSE CVE-2024-56718
In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but execute after lgr freed, which may result in crash. So it is need to hold a reference before shedule link down work...
SUSE-SU-2024:3631-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...
SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2207-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2207-1 advisory. This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...
SUSE SLES12 Security Update : kernel (Live Patch 51 for SLE 12 SP5) (SUSE-SU-2024:1692-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1692-1 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb-macheader If an AFPACKE...
kernel: tls: race between tx work scheduling and socket close
A race condition vulnerability was found in the tls subsystem of the Linux kernel. The submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete, which could lead to undefined behavior and a denial of service...
tls: fix race between tx work scheduling and socket close
...
DEBIAN-CVE-2024-26585
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...
Starbucks: China – Limited Partner PII Regarding Work Scheduling via Unauthenticated API Endpoint
0xpatrik discovered an unauthenticated API endpoint that allowed retrieval of specified work leave dates of designated Starbucks employees in China. @0xpatrik — thank you for reporting the original vulnerability and for confirming the resolution...