CVE-2023-54227 blk-mq: fix tags leak when shrink nr_hw_queues

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...

CVE-2023-54227 blk-mq: fix tags leak when shrink nr_hw_queues

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...

CVE-2023-54223 net/mlx5e: xsk: Fix invalid buffer access for legacy rq

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2023-54223

CVE-2023-54223: In the Linux kernel mlx5 net/xsk legacy-rq path, a buffer could be released twice (in XDP_REDIRECT and then by the driver) due to switching from a skip-release flag to fragment-counts. The fix adds a guard flag to avoid driver-side release, preventing a use-after-free/general-prot...

CVE-2023-54223 net/mlx5e: xsk: Fix invalid buffer access for legacy rq

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2023-54223

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2022-50838

CVE-2022-50838 concerns a Linux kernel issue in net: stream where the socket error queue (sk_error_queue) was not purged on socket close, enabling TCP socket leaks and potential memory exhaustion. The root cause involves TX timestamping and error queue handling: when SOF_TIMESTAMPING_TX_ACK is en...

CVE-2022-50838 net: stream: purge sk_error_queue in sk_stream_kill_queues()

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

CVE-2022-50838 net: stream: purge sk_error_queue in sk_stream_kill_queues()

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

CVE-2022-50833

CVE-2022-50833 relates to the Linux kernel Bluetooth HCI work queue handling. The issue arose when scheduling hdev->{cmd,ncmd}_timer work on the hdev->workqueue during a draining WQ, which could conflict with a destruction-during-queue state. The mitigation involves using the hdev->workq...

CVE-2023-54201 RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

CVE-2023-54201 RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

CVE-2023-54191 wifi: mt76: mt7996: fix memory leak in mt7996_mcu_exit

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix memory leak in mt7996mcuexit Always purge mcu skb queues in mt7996mcuexit routine even if mt7996firmwarestate fails...

PT-2025-54138

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a data race condition within the RDMA/irdma subsystem, specifically related to the completion queue pair CQP request done memory location. Kernel Concurrency...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992311)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992311 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: Fix hung when signal interrupts nbdstartdeviceioctl syzbot reported hung task 1. The followi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992559 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavfallocasqbufs/iavfallocarqbufs allocates with dmaalloccoherent...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992608 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: fix netdevice reference leaks in attachdefaultqdiscs In attachdefaultqdiscs, if a dev...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992427)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992427 advisory. In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFAC...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992477 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: put dlstid if fail to queue dlrecall Before calling nfsd4runcb to queue dlrecall to the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a work queue that has a post-release reuse issue that could lead to memory corruption...