Lucene search
+L

111 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nvmet: A race condition in nvmetbiodone has been fixed; this race condition can lead to a NULL pointer dereferencing. There is a race condition in nvmetbiodone that can cause a NULL pointer dereference in blkcgroupbiostart: 1...

7.5CVSS5.9AI score0.00271EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: blk-cgroup: The reinit operation for blkgiostatset is performed after clearing data in blkcgresetstats. When the blkgalloc function is called to allocate a blkcggq structure along with its associated blkgiostatset, there are t...

5.5CVSS6.2AI score0.0015EPSS
Exploits0References3
Amazon
Amazon
added 2026/06/22 12:0 a.m.15 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: arm64: mm: fix VA-range sanity check CVE-2023-53989 In the Linux kernel, the following vulnerability has been resolved: iommu/amd/pgtbl: Fix possible race while increase page table level CVE-2025-39961 In the Linu...

9.8CVSS6.5AI score0.00554EPSS
Exploits22
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-cgroup: fixed a UAF vulnerability by acquiring the blkcg lock before destroying the blkg. KASAN reports a use-after-free issue during the fuzz test: 693354.104835...

7.8CVSS6.6AI score0.00256EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-31586

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline...

7.8CVSS6AI score0.00128EPSS
Exploits0References3
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31586

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

7.8CVSS0.00128EPSS
Exploits0References9
EUVD
EUVD
added 2026/04/24 2:42 p.m.8 views

EUVD-2026-25479

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

5.6AI score0.00128EPSS
Exploits0References4
CVE
CVE
added 2026/04/24 2:42 p.m.19 views

CVE-2026-31586

Summary: CVE-2026-31586 is a Linux kernel use-after-free in blk-cgroup during cgwb_release_workfn. The vulnerability occurs when css_put(wb->blkcg_css) is followed by accessing wb->blkcg_css via blkcg_unpin_online(), which can free the blkcg asynchronously (css_free_rwork_fn -> kfree) if...

7.8CVSS5.6AI score0.00128EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:42 p.m.5 views

CVE-2026-31586

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

7.8CVSS5.4AI score0.00128EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.6 views

CVE-2026-31586

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

7.8CVSS5.5AI score0.00128EPSS
Exploits0
OSV
OSV
added 2026/04/24 2:42 p.m.2 views

CVE-2026-31586 mm: blk-cgroup: fix use-after-free in cgwb_release_workfn()

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of the cgwbreleaseworkfn function after it is released in the mm blk-cgroup. This could lead ...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-34938

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the function cgwb release workfn. The function calls css putwb-blkcg css and subsequently accesses wb-blkcg css again via blkcg unpin online. If css put...

7.8CVSS5.8AI score0.00128EPSS
Exploits0
Amazon
Amazon
added 2026/03/19 12:0 a.m.11 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indxfind to avoid...

6.1AI score0.00121EPSS
Exploits0
Amazon
Amazon
added 2026/03/05 12:0 a.m.12 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats CVE-2023-53421 In the Linux kernel, the following vulnerability has been resolved: iomap: Fix possible overflow condition in iomapwritedelallocsca...

8.8CVSS6.4AI score0.00468EPSS
Exploits7
OSV
OSV
added 2026/02/27 11:51 a.m.6 views

SUSE-SU-2026:20555-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 and SL MIxro 6.2 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40147: blk-throttle: fix access race during throttle policy activation bsc1253344. - CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer...

9.8CVSS7AI score0.00424EPSS
Exploits2References439
NVD
NVD
added 2026/02/14 4:15 p.m.8 views

CVE-2026-23148

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix race in nvmetbiodone leading to NULL pointer dereference There is a race condition in nvmetbiodone that can cause a NULL pointer dereference in blkcgroupbiostart: 1. nvmetbiodone is called when a bio completes 2...

7.5CVSS0.00271EPSS
Exploits0References3
CVE
CVE
added 2026/02/14 4:1 p.m.19 views

CVE-2026-23148

CVE-2026-23148 describes a race in the Linux kernel’s nvmet path where a completed bio can be re-submitted and dereferenced after bio_uninit() clears bio->bi_blkg, leading to a NULL pointer dereference in blk_cgroup_bio_start(). The race occurs when nvmet_bio_done() and nvmet_req_complete() in...

7.5CVSS5.2AI score0.00271EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: blk-cgroup: fixed a possible deadlock during policy configuration The resulting deadlock can be easily triggered by lockdep: WARNING: a circular locking dependency was detected 6.17.0-rc3-00124-ga12c2658ced0 1665 Not tainted...

6AI score0.00174EPSS
Exploits0References3
OSV
OSV
added 2025/12/30 1:16 p.m.5 views

UBUNTU-CVE-2023-54271

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...

5.7AI score0.00168EPSS
Exploits0References6
Rows per page
Query Builder