151 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: smartpqi: Fix for disablemanagedinterrupts The issue with the registration of blk-mq using the module parameter “disablemanagedinterrupts” was corrected. When we disable the default PCIIRQAFFINITY flag, the driver needs ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dm rq: Do not queue the request to blk-mq during DM suspension. DM uses blk-mq's quiesce/unquiesce to stop/start the device mapper queue. However, blk-mq's unquiesce may be triggered by external events, such as changes in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed the issue where blkmqtags double-freeed memory when nrrequests increased. In cases where user-triggered tags increase due to the nrrequests value in the queue sysfs attributes, hctx-schedtags will be directly freed...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011306)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011306 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: check kobject stateinsysfs before deleting in blkmqunregisterhctx In blkmqupdatenrhwqueue...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006665)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006665 advisory. In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Check the kobject’s creation status in sysfs before deleting it in blkmqunregisterhctx. In the function blkmqupdatenrHWqueues, the return value of blkmqsysfsregisterhctxs is not checked. If the creation of hctxs in sysfs...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000669)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000669 advisory. In blkmqtagtorq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004273)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004273 advisory. In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no...
CVE-2025-68823
In the Linux kernel, the following vulnerability has been resolved: ublk: fix deadlock when reading partition table When one processsuch as udev opens ublk block device e.g., to read the partition table via bdevopen, a deadlock1 can occur: 1. bdevopen grabs disk-openmutex 2. The process issues re...
MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.8.el7.AXS7 (AXSA:2025-9625:10)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9625:10 advisory. media: edia: dvbdev: fix a use-after-free CVE-2024-27043 btrfs: dev-replace: properly validate device names CVE-2024-26791 KVM: nSVM: Ignore nCR34:0...
Linux Distros Unpatched Vulnerability : CVE-2023-54227
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be...
CVE-2023-53810 blk-mq: release crypto keyslot before reporting I/O complete
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
AZL-70004 CVE-2025-40146 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nrrequests grown Allocate and free schedtags while queue is freezed can deadlock1, this is a long term problem, hence allocate memory before freezing queue and free memory after queue is...
UBUNTU-CVE-2025-40146
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nrrequests grown Allocate and free schedtags while queue is freezed can deadlock1, this is a long term problem, hence allocate memory before freezing queue and free memory after queue is...
CVE-2025-40146
The CVE-2025-40146 entry refers to a Linux kernel issue in the blk-mq subsystem where deadlock can occur as nr_requests grow. The root cause is described as a conflict between allocating/freeing sched_tags while the I/O queue is frozen, which can lead to a deadlock. The published fix involves all...
CVE-2025-40146
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nrrequests grown Allocate and free schedtags while queue is freezed can deadlock1, this is a long term problem, hence allocate memory before freezing queue and free memory after queue is...
Linux Distros Unpatched Vulnerability : CVE-2025-40146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-mq: fix potential deadlock while nrrequests grown Allocate and free schedtags while queue is freezed can deadlock1, this is a long term problem, hence...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988970)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988970 advisory. In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test...
DEBIAN-CVE-2025-39999
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix blkmqtags double free while nrrequests grown In the case user trigger tags grow by queue sysfs attribute nrrequests, hctx-schedtags will be freed directly and replaced with a new allocated tags, see blkmqtagupdatedept...
PT-2025-42273
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s block management queue blk-mq subsystem related to double freeing of memory associated with request tags when the number of requests grows...