41 matches found
The vulnerability of the aio kernel component in the Linux operating system allows attackers to increase their privileges within the system.
The vulnerability of the aio kernel component in the Linux operating system is related to memory management errors after deallocation. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
SUSE CVE-2024-40943
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix races between hole punching and AIO+DIO After commit "ocfs2: return real error code in ocfs2diowrgetblock", fstests/generic/300 become from always failed to sometimes failed:...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition issue in the ocfs2 filesystem when handling AIO+DIO with hole-punching operations,...
SUSE CVE-2024-36894
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix race between aiocancel and AIO request complete FFS based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...
SUSE CVE-2024-35815
In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument may point at a struct kiocb that is not embedded inside struct aiokiocb. With the current code, depending on the compiler, the...
kernel: ovl: fix use after free in struct ovl_aio_req
A use-after-free flaw was found in the Linux kernel’s Ext4 File System in how a user triggers several file operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially escalate their privileges on the system. Only if patch 9a2544037600 "ovl: fix use...
SUSE CVE-2012-0058
The kiocbbatchfree function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service OOPS via vectors that trigger incorrect iocb management...
SUSE CVE-2014-8172
The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service soft lockup or system crash via unspecified use of Asynchronous I/O AIO operations...
The vulnerability of the aio subsystem in FreeBSD systems allows attackers to execute arbitrary code.
The vulnerability of the aio subsystem in FreeBSD relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the asynchronous input/output interface io_uring in Linux kernel allows a attacker to prematurely terminate the process or gain elevated privileges.
The vulnerability of the asynchronous input/output interface iouring in Linux operating systems is related to data type mixing errors. Exploiting this vulnerability can allow an attacker to abruptly terminate the process or gain increased privileges...
kernel: AIO write triggers integer overflow in some protocols
Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701 regression...
kernel: Null pointer dereference in trace_writeback_dirty_page()
A security flaw was found in the Linux kernel that an attempt to move page mapped by AIO ring buffer to the other node triggers NULL pointer dereference at tracewritebackdirtypage, because aiofsbackingdevinfo.dev is 0...
Qemu: ide: ahci use-after-free vulnerability in aio port commands
A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing NCQ AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU proces...
Linux kernel denial of service vulnerability (CNVD-2015-01817)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the file system implementation of Linux kernel 3.12.17 and prior versions, which originates from a program that uses an improper locking...
kernel: soft lockup on aio
It was found that due to excessive fileslock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system...
DEBIAN-CVE-2014-8172
The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service soft lockup or system crash via unspecified use of Asynchronous I/O AIO operations...
UBUNTU-CVE-2014-8172
The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of service soft lockup or system crash via unspecified use of Asynchronous I/O AIO operations...
kernel: soft lockup on aio
It was found that due to excessive fileslock locking, a soft lockup could be triggered in the Linux kernel when performing asynchronous I/O operations. A local, unprivileged user could use this flaw to crash the system...
kernel asynchronous IO on a FIFO kernel panic
Linux kernel before 2.4.21 allows local users to cause a denial of service kernel panic via asynchronous input or output on a FIFO special file...
Linux Kernel PPC64/IA64 (AIO) Local Denial of Service Exploit
Exploit for linux platform in category dos / poc ============================================================= Linux Kernel PPC64/IA64 AIO Local Denial of Service Exploit ============================================================= // // Proof of Concept by Daniel McNeil // compile using cc -o...