Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux
kernel did not properly handle locking for rings with IOPOLL, leading to a
double-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-21400)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– TTY drivers;
– Netfilter;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-53141, CVE-2024-53103, CVE-2024-40967, CVE-2024-53164)
More Stories
USN-7262-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
crun-1.20-2.fc40
FEDORA-2025-166f075581 Packages in this update: crun-1.20-2.fc40 Update description: Security fix for GHSA-f42g-r5jj-qh4j Read More
crun-1.20-2.fc41
FEDORA-2025-46200d968d Packages in this update: crun-1.20-2.fc41 Update description: Security fix for GHSA-f42g-r5jj-qh4j Read More
USN-7259-3: GNU C Library vulnerability
USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory...
USN-7259-2: GNU C Library vulnerability
USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory...
USN-7261-1: Vim vulnerability
It was discovered that Vim incorrectly handled certain internal calls when scrolling a window. An attacker could possibly use this...