778 matches found
PT-2026-44230
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug exists in the rebalance children function within the dm-thin component. When an internal btree node contains a single entry, the system attempts to copy all btree entries from the...
CVE-2026-46023
A flaw was found in the Linux kernel's device mapper dm mirror component. A local user could exploit an integer overflow vulnerability in the createdirtylog function by providing a specially crafted device mapper table string. This could lead to out-of-bounds reads, potentially causing system...
CVE-2026-46023
In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...
CVE-2026-46023
CVE-2026-46023 is a Linux kernel vulnerability in dm-mirror where create_dirty_log() could bypass argc checks due to an unsigned add of 2 + param_count, allowing an out-of-bounds read in argv when param_count is near UINT_MAX. The root cause is an overflow in argument count calculation before val...
EUVD-2026-32404
In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...
CVE-2026-46023
In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...
PT-2026-43890
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the create dirty log function within the dm mirror component. The calculation args used = 2 + param count occurs before validating against argc. If a user...
CVE-2026-46023
dm mirror: fix integer overflow in createdirtylog...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In the dmstats function, check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: dm integrity: Memory corruption occurs when tagsize is less than digestsize. It is possible to configure dm-integrity in such a way that the tagsize parameter is smaller than the actual digestsize. In this case, a portion of the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: dm: fixed a NULL pointer race issue when completing IO operations. The dmiodecpending function calls endioacct first, and then decreases the number of pending DMA operations. However, if a task swaps the DM table at the same...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dm: Fix NULL pointer dereferencing in dmsuspend. There is a race condition between the suspension of the dm device and the loading of data into the table, which can lead to a NULL pointer dereferencing. This issue occurs when the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dm thin: Make getfirstthin use rcu-safe list first function. The documentation in rculist.h explains the absence of listemptyrcu and warns programmers against relying on a sequence of listempty - listfirst in RCU-safe code. This ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: - dm clone: Fixed a UAF Use-after-Free in clonedtr. - Dmclone also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in clonedtr...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dm mpath: Added the missing dmputdevice call when failing to obtain the scsi dh name. When commit fd81bc5cca8f “scsi: devicehandler: Returning an error pointer in scsidhattachedhandlername”, code was added to fail the parsing of...
kernel: dm: fix NULL pointer dereference in __dm_suspend()
In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes: BUG...
SUSE CVE-2026-43309
In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID array can cause the system to hang under specific conditions. This occurs when: - A dm-raid managed...
SUSE CVE-2026-43192
In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...
SUSE CVE-2026-43278
In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq-bio values have been observed to cause double-initialization of cloned bios in request-based device-mapper targets, leading to use-after-free and...
CVE-2026-43314
A flaw was found in the Linux kernel's device mapper dm driver. When an I/O timeout failure is intentionally introduced to a device mapper device, the driver does not correctly manage the timeout. This oversight causes a request to remain uncompleted, leading to system tasks hanging indefinitely...