CVE-2026-46202

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cgroup: Split cgroupdestroywq into 3 workqueues A hang can occur during 1 LTP cgroup testing when repeatedly mounting/unmounting perfevent and netprio controllers with systemd.unifiedcgrouphierarchy=1. The hang manifests in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak has been fixed in hpdrxirqcreateworkqueue. If the construction of the array of work queues to handle hpdrxirq offload fails, we need to unwind the process. All the created workqueues and the allocated...

CVE-2026-43119

In CVE-2026-43119, the Linux kernel Bluetooth HCI synchronous command infrastructure has a data race on hdev->req_status: __hci_cmd_sync_sk() updates it under req_lock on one workqueue, while other paths (e.g., hci_send_cmd_sync on a different workqueue, plus hci_cmd_sync_complete/cancel) read...

Linux Distros Unpatched Vulnerability : CVE-2026-43119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several...

PT-2026-37429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Bluetooth component involving the hdev-req status variable. While hci cmd sync sk modifies this variable under the hdev-req lock, other functions—including hci...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with WQUNBOUND, its work items are served by special worker-pools, whose host workers are not bound to any specific CPU. In the default configuration i.e. when...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure we clean up the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it calls the tasklet callback and then it calls taskletunlock. If the...

EUVD-2023-60319

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure we clean up the...

CVE-2023-54126

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure we clean up the...

CVE-2023-54126 crypto: safexcel - Cleanup ring IRQ workqueues on load failure

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure we clean up the...

CVE-2025-40303 btrfs: ensure no dirty metadata is written back for an fs with errors

In the Linux kernel, the following vulnerability has been resolved: btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task context, I noticed a crash in generic/388, where metadata writes...

CVE-2025-40303 btrfs: ensure no dirty metadata is written back for an fs with errors

In the Linux kernel, the following vulnerability has been resolved: btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task context, I noticed a crash in generic/388, where metadata writes...

kernel: idpf: convert workqueues to unbound

In the Linux kernel, the following vulnerability has been resolved: idpf: convert workqueues to unbound When a workqueue is created with WQUNBOUND, its work items are served by special worker-pools, whose host workers are not bound to any specific CPU. In the default configuration i.e. when...

CVE-2025-40061 RDMA/rxe: Fix race in do_task() when draining

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in dotask when draining When dotask exhausts its iteration budget !ret, it sets the state to TASKSTATEIDLE to reschedule, without a secondary check on the current task-state. This can overwrite the...

EUVD-2025-36467

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in dotask when draining When dotask exhausts its iteration budget !ret, it sets the state to TASKSTATEIDLE to reschedule, without a secondary check on the current task-state. This can overwrite the...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2025-1254)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1254 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: always use READONCE to read ring provided buffer lengths CVE-2025-39816 In the Linux kernel, the following...

Linux Distros Unpatched Vulnerability : CVE-2025-39953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cgroup: split cgroupdestroywq into 3 workqueues A hung task can occur during 1 LTP cgroup testing when repeatedly mounting/unmounting perfevent and netprio...

CVE-2022-50515 drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in hpdrxirqcreateworkqueue If construction of the array of work queues to handle hpdrxirq offload work fails, we need to unwind. Destroy all the created workqueues and the allocated memory for the...