11 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004076)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004076 advisory. An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody. Tenable has extracted th...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-50208: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages bsc1233118 CVE-2024-50250: fsdax: daxunshareiter needs to copy entire blocks bsc1233227 CVE-2024-53146: NFSD: prevent a potential integer overflo...
Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...
Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001011 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...
Security update for the Linux Kernel (Live Patch 66 for SLE 12 SP5)
This update for the Linux Kernel 4.12.14-122250 fixes several issues. The following security issues were fixed: CVE-2022-49545: ALSA: usb-audio: Cancel pending work at closing a MIDI substream bsc1238730. CVE-2022-49179: block, bfq: do not move oombfqq bsc1241331. Patch Instructions: To install...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: fixed the UAF in wakerbfqq after bfqsplitbfqq Our syzkaller report identifies the following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 A size 8 read at address...
CVE-2025-21631
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix wakerbfqq UAF after bfqsplitbfqq Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr ffff8881b57147d8 by task...
kernel: Linux kernel: Denial of Service due to use-after-free in BFQ scheduler
A flaw was found in the Linux kernel. A use-after-free UAF vulnerability exists in the block I/O input/output queueing layer, specifically within the Budget Fair Queueing BFQ scheduler. This occurs because the bfqexiticqbfqq function can free a bfqq object before bicsetbfqq accesses it, leading t...
kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body
A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. This flaw allows a local user able to groom system memory to cause kernel memory corruption and possible privilege escalation by abusing a race condition in the IO scheduler...
Important: kernel-livepatch-4.14.173-137.229
Issue Overview: An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody.CVE-2020-12657 Affected Packages: kernel-livepatch-4.14.173-137.229 Issue Correction: Please ensure you have live patching enabled. Run yum...