Linux Distros Unpatched Vulnerability : CVE-2026-53126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg...

CVE-2026-31586

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

EUVD-2026-25479

In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwbreleaseworkfn cgwbreleaseworkfn calls cssputwb-blkcgcss and then later accesses wb-blkcgcss again via blkcgunpinonline. If cssput drops the last reference, the blkcg can be freed...

CVE-2026-31586

Summary: CVE-2026-31586 is a Linux kernel use-after-free in blk-cgroup during cgwb_release_workfn. The vulnerability occurs when css_put(wb->blkcg_css) is followed by accessing wb->blkcg_css via blkcg_unpin_online(), which can free the blkcg asynchronously (css_free_rwork_fn -> kfree) if...

PT-2026-34938

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the function cgwb release workfn. The function calls css putwb-blkcg css and subsequently accesses wb-blkcg css again via blkcg unpin online. If css put...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56672)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56672 advisory. - In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcgunpinonline...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001156)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001156 advisory. The blkcginitqueue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service double free or possibly have...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003556 advisory. The blkcginitqueue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service double free or possibly have...

MiracleLinux 9 : kernel-5.14.0-611.5.1.el9_7 (AXSA:2025-11493:94)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11493:94 advisory. kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB...

ALSA-2025:20518 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

Siemens SIMATIC Devices Use After Free (CVE-2024-56672)

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcgunpinonline blkcgunpinonline walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcgparentblkcg but it was calling that after blkcgdestroyblkgsblkcg which could free the blkcg Th...

UBUNTU-CVE-2022-50550

In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix memory leak on adddisk failures When a gendisk is successfully initialized but adddisk fails such as when a loop device has invalid number of minor device numbers specified, blkcginitdisk is called during init...

EUVD-2024-53320

Malicious code in bioql PyPI...

CVE-2023-53421 blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the blkgiostatset structure not reinitializing the blkg and sync fields after being cleared in...

The vulnerability of the blkcg_deactivate_policy() function in the block/blk-cgroup.c module, which supports the block-level kernel in the Linux operating system, allows a malicious actor to trigger a service failure.

The vulnerability of the blkcgdeactivatepolicy function in the block/blk-cgroup.c module, which supports the block-level kernel in Linux, relates to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to cause service failures...

Linux Distros Unpatched Vulnerability : CVE-2024-56672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcgunpinonline blkcgunpinonline walks up the blkcg hierarchy puttin...

The vulnerability of the blkcg_unpin_online() function in the block/blk-cgroup.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the blkcgunpinonline function in the block/blk-cgroup.c module of the Linux kernel is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...

AZL-54792 CVE-2024-56672 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcgunpinonline blkcgunpinonline walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcgparentblkcg but it was calling that after blkcgdestroyblkgsblkcg which could free the blkcg,...