NewStart CGSL MAIN 6.06 (SP) : blktrace Vulnerability (NS-SA-2026-0021)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has blktrace packages installed that are affected by a vulnerability: - blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in btt/devmap.c because the device...

CVE-2021-47375

In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...

kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c

A use-after-free vulnerability was found in the Linux kernel’s implementation of blktrace in the blkaddtrace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core blocktrace object is used after it is freed. The attacker...

Blktrace Buffer Overflow Vulnerability

blktrace a.k.a. Block IO Tracing is a Linux-based tool for collecting IO information from disks. A buffer overflow vulnerability exists in the 'devmapread' function of the btt/devmap.c file in version 1.2.0 of blktrace, which stems from an array of devices and devno's being too small. When used...