kernel: nvmet-tcp: fix race between ICReq handling and queue teardown

A flaw was found in the Linux kernel's NVMe over TCP nvmet-tcp implementation. A race condition exists between the handling of an Initialization Connection Request ICReq and the teardown of a queue. A remote attacker, by sending an ICReq and immediately closing the connection, could trigger a...

EUVD-2026-39255

In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle and trailer. If the middle is empty because there are no aligned pages ...

kernel: nvmet-tcp: fix race between ICReq handling and queue teardown

A flaw was found in the Linux kernel's NVMe over TCP nvmet-tcp implementation. A race condition exists between the handling of an Initialization Connection Request ICReq and the teardown of a queue. A remote attacker, by sending an ICReq and immediately closing the connection, could trigger a...

kernel: nvmet-tcp: fix race between ICReq handling and queue teardown

A flaw was found in the Linux kernel's NVMe over TCP nvmet-tcp implementation. A race condition exists between the handling of an Initialization Connection Request ICReq and the teardown of a queue. A remote attacker, by sending an ICReq and immediately closing the connection, could trigger a...

kernel: nvmet-tcp: fix race between ICReq handling and queue teardown

A flaw was found in the Linux kernel's NVMe over TCP nvmet-tcp implementation. A race condition exists between the handling of an Initialization Connection Request ICReq and the teardown of a queue. A remote attacker, by sending an ICReq and immediately closing the connection, could trigger a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvme: fixed the lifetime of the admin requestqueue Namespaces can access the controller’s admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure that the admin requestqueue ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Do not access a released socket during error recovery. While the error recovery mechanism is temporarily failing due to reconnect attempts, running the nvme list command causes a kernel NULL pointer derefrence by callin...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fscrypt: fixed an underflow issue during left shift when inode-iblkbits PAGESHIFT When simulating an NVMe device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, an error trace appears during partition table...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme: fixed memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nvme-core: fixed a memory leak in dhchapctrlsecret. Free dhchapsecret from nvmectrldhchapctrlsecretstore before returning, when nvmeauthGenerateKey returns an error...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-multipath: fixed the suspicious RCU usage warning When I run the NVME over TCP test in virtme-ng, I receive the following “suspicious RCU usage” warning in nvmempathaddsysfslink: ''' 5.024557 T44 nvmet: Created nvm...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fixed the DMA-API call trace for NVMe LS requests. The following message and call trace were observed with debug kernels: DMA-API: qla2xxx 0000:41:00.0: The device driver failed to check the map error device...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nvme-multipath: fixed the lockdep warning due to the partition scan operation. The test cases nvme/014, 057, and 058 occasionally fail due to the lockdep warning. As reported in the Closes tag URL, this warning indicates that ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/slab/kvfreercu: The switch to WQMEMRECLAIM wq was implemented. Currently, the kvfreercu APIs use a system workqueue, which is “systemunboundwq” for the driver’s RCU machinery to reclaim memory. Recently, the following kernel...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Validates nvmelocalport correctly The driver load failed with the following error message: qla2xxx 0000:04:00.0-ffff:0: registerlocalport failed: ret=ffffffef And there was a kernel crash: BUG: Unable to handle ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: Remove the tag set when the second admin queue configuration fails. Commit 104d0e2f6222 “nvme-fabrics: Reset the admin connection for secure concatenation” modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: Handling of changes to the device’s DMA map requirements. The initial state of dmaneedsunmap might be false, but it becomes true during the DMA mapping process. Enabling swiotlb can affect the outcome in such cases...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nvmet: fixed a use-after-free issue. Fixed the following use-after-free complaint triggered by blktests nvme/004: BUG: KASAN: user-memory-access in blkmqcompleterequestremote+0xac/0x350 Read of size 4 at addr 0000607bd1835943 ...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: Null pointer dereferencing has been prevented in nvmefciogetuuid. The nvmefcfcpop structure, which describes an AEN operation, is initialized with a null pointer to the request structure. An FC LLDD may make a call to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: fixed the mempool allocation size. The maximum size was converted to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. This result is used to determine how many PRP Lists a...