Astra Linux - vulnerability in linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fixed a potential UAF issue related to bfqq->bic in bic_set_bfqq. After commit 64dc8c732f5c ("block, bfq: fix possible UAF for 'bfqq->bic'"), bic->bfqq will be accessed in bic_set_bfqq. However, in some context...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fixed a potential use-after-free (UAF) related to bfqq->bic in bfq_exit_icq_bfqq. The commit 64dc8c732f5c ("block, bfq: fixed a potential UAF for 'bfqq->bic'") involves accessing bfqq->bic in bic_set_bfqq. However, bfq_exit_icq_bfqq...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth. Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth is dereferencing bfqq from bic without the lock, this can lead to UAF if t...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: do not move oom_bfqq. Our test report a UAF: 2073.019181 ================================================================== 2073.019188 BUG: KASAN: use-after-free in bfq_put_bfqq+0xa0/0x168 2073.019191 Write of size 8...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013517)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013517 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bic_set_bfqq. After commit 64dc8c732f5c block, bfq: fix possible uaf...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011021)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011021 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bic_set_bfqq. After commit 64dc8c732f5c block, bfq: fix possible uaf...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010981)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010981 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq. Commit 64dc8c732f5c block, bfq: fix possible uaf f...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011247)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011247 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic'. Our test report a uaf for 'bfqq->bic' in 5.10:...
Siemens SIMATIC S7-1500 Use After Free (CVE-2024-53166)
block, bfq: bfqq uaf in bfq_limit_depth. Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth is dereferencing bfqq from bic without the lock, this can lead to UAF if the iocontext is shared by multiple tasks. This plugin only works with...
kernel: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq(). Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr ffff8881b57147d8 by task...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989221)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989221 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq. Our test report a UAF: 2073.019181...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-47706)
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain. In this case, IO from Process 1 will get bfqq2 from BIC1 first, and then get bfqq3 through merge chain, and finally handle IO by bfqq3. However, current code will think...
Linux Distros Unpatched Vulnerability : CVE-2022-50488
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block, bfq: fix possible uaf for 'bfqq->bic'. Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-383961)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383961 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1 initial state, three tasks: Process ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986691)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986691 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq. Our test report a UAF: 2073.019181...
CVE-2022-50488 block, bfq: fix possible uaf for 'bfqq->bic'
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic'. Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfq_select_queue+0x378/0xa30 CPU: 6 PID:...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a use-after-free issue with bfqq->bic, which could lead to memory corruption...
PT-2025-40722
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.0-60.18.0.50.h602. Description: The Linux kernel contains a use-after-free issue within the block, bfq Best Effort Queue subsystem. Specifically, the issue relates to the bfqq->bic pointer. A scenario involving...
EUVD-2022-55526
Malicious code in bioql PyPI...
SUSE CVE-2024-47706
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain 1 initial state, three tasks: Process 1 Process 2 Process 3 BIC1 BIC2 BIC3 | ^ | ^ | ^ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2 bfqq1 merged to bfqq...