27 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: The queuelock must be held when removing blkg-qnode. When blkg is removed from q-blkglist via blkgfreeworkfn, the queuelock must be held. Otherwise, various bugs such as list corruption, hard lockups, etc. may occur d...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Block layer: Fixed corruption of q-blkglist during disk rebinding. Multiple instances of the gendisk function can be allocated/added for a single request queue during disk rebinding. As a result, blkg may still remain in q-blkgli...
EUVD-2023-60370
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...
CVE-2023-54271
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...
SUSE CVE-2023-54088
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queuelock when removing blkg-qnode When blkg is removed from q-blkglist from blkgfreeworkfn, queuelock has to be held, otherwise, all kinds of bugslist corruption, hard lockup, .. can be triggered from...
CVE-2023-54088
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queuelock when removing blkg-qnode When blkg is removed from q-blkglist from blkgfreeworkfn, queuelock has to be held, otherwise, all kinds of bugslist corruption, hard lockup, .. can be triggered from...
UBUNTU-CVE-2023-54088
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queuelock when removing blkg-qnode When blkg is removed from q-blkglist from blkgfreeworkfn, queuelock has to be held, otherwise, all kinds of bugslist corruption, hard lockup, .. can be triggered from...
CVE-2023-54088
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queuelock when removing blkg-qnode When blkg is removed from q-blkglist from blkgfreeworkfn, queuelock has to be held, otherwise, all kinds of bugslist corruption, hard lockup, .. can be triggered from...
CVE-2023-54088 blk-cgroup: hold queue_lock when removing blkg->q_node
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queuelock when removing blkg-qnode When blkg is removed from q-blkglist from blkgfreeworkfn, queuelock has to be held, otherwise, all kinds of bugslist corruption, hard lockup, .. can be triggered from...
CVE-2023-53421
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
CVE-2023-53421
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
CVE-2023-53421 blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkgiostatset after clearing in blkcgresetstats When blkgalloc is called to allocate a blkcggq structure with the associated blkgiostatset's, there are 2 fields within blkgiostatset that requires proper...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the blkgiostatset structure not reinitializing the blkg and sync fields after being cleared in...
kernel: Linux kernel: Denial of Service via NULL pointer dereference in blk-cgroup
A flaw was found in the Linux kernel's block cgroup blk-cgroup component. A local attacker could exploit a race condition in the blkcgactivatepolicy function, where block group policy data blkgpolicydata is installed before it is fully initialized. This allows another function, iocweightwrite, to...
SUSE CVE-2021-47379
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: 693354.104835 ================================================================== 693354.105094 BUG:...
DEBIAN-CVE-2021-47379
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: 693354.104835 ================================================================== 693354.105094 BUG:...
CVE-2021-47379 blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd KASAN reports a use-after-free report when doing fuzz test: 693354.104835 ================================================================== 693354.105094 BUG:...
SUSE CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
DEBIAN-CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...
UBUNTU-CVE-2024-35974
In the Linux kernel, the following vulnerability has been resolved: block: fix q-blkglist corruption during disk rebind Multiple gendisk instances can allocated/added for single request queue in case of disk rebind. blkg may still stay in q-blkglist when calling blkcginitdisk for rebind, then...