96 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-53823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block/rqqos: protect rqqos apis with a new lock commit 50e34d78815e block: disable the elevator int delgendisk move rqqosexit from diskrelease to delgendisk, th...
PT-2025-52884
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak existed in the blkdev issue zero pages function within the block subsystem of the Linux kernel. The issue occurred because the check for a fatal signal was performed after...
kernel: block: fix uaf for flush rq while iterating tags
In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blkmqclearflushrqmapping is not called during scsi probe, by checking blkqueueinitdone. However, QUEUEFLAGINITDONE is cleared in delgendisk by commit aec89dc5d421 "block: keep...
EUVD-2025-29059
Malicious code in bioql PyPI...
CVE-2022-50329
CVE-2022-50329 affects the Linux kernel’s block/bfq subsystem. The root cause was a use-after-free: bfqq could be freed in bfq_exit_icq_bfqq() and then used in bic_set_bfqq(), leading to UAF. The fix reorders operations by moving bfq_exit_bfqq() behind bic_set_bfqq(), preventing the invalid access.
CVE-2025-39795 block: avoid possible overflow for chunk_sectors check in blk_stack_limits()
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...
CVE-2025-39795
CVE-2025-39795 involves a kernel block layer (blk_stack_limits) overflow where chunk_sectors could exceed an unsigned int when interpreted in bytes. The concrete fix, documented in multiple advisories (e.g., Ubuntu USN entries and Oracle/Linux ELSA/DLA), changes the validation to operate on secto...
block: fix race between set_blocksize and read paths
...
USN-7703-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
Linux Distros Unpatched Vulnerability : CVE-2019-25044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation...
Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122234 fixes several issues. The following security issues were fixed: CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708...
UBUNTU-CVE-2022-50086
In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rqqos add more than once In our test of iocost, we encountered some list add/del corruptions of innerwalk list in ioctimerfn. The reason can be described as follows: cpu 0 cpu 1 iocqoswrite...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Block: Fixed resource leak in the blkmqsysfsregister error path. When registration of a queue fails after blkmqsysfsregister is successful, but the function later encounters an error, we need to clean up the blkmqsysfs resources...
CVE-2025-37980
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blkregisterqueue error path When registering a queue fails after blkmqsysfsregister is successful but the function later encounters an error, we need to clean up the blkmqsysfs resources. Add the missi...
AZL-70262 CVE-2025-37980 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blkregisterqueue error path When registering a queue fails after blkmqsysfsregister is successful but the function later encounters an error, we need to clean up the blkmqsysfs resources. Add the missi...
UBUNTU-CVE-2025-37980
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blkregisterqueue error path When registering a queue fails after blkmqsysfsregister is successful but the function later encounters an error, we need to clean up the blkmqsysfs resources. Add the missi...
CLSA-2025-1747688831 kernel: Fix of 20 CVEs
drm/dpmst: Ensure mstprimary pointer is valid in drmdpmsthandleupreq CVE-2024-57798 - block: Fix handling of offline queues in blkmqallocrequesthctx CVE-2022-49720 - drm: nv04: Fix out of bounds access CVE-2024-27008 - parport: Proper fix for array out-of-bounds access CVE-2024-50074 - Bluetooth:...
USN-7511-1 linux-gcp vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...
USN-7496-5 linux-azure-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...
DEBIAN-CVE-2022-49902
In the Linux kernel, the following vulnerability has been resolved: block: Fix possible memory leak for rqwb on adddisk failure kmemleak reported memory leaks in deviceadddisk: kmemleak: 3 new suspected memory leaks unreferenced object 0xffff88800f420800 size 512: comm "modprobe", pid 4275, jiffi...