230 matches found
SUSE-SU-2026:21841-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2024-14027: xattr: switch to CLASSfd bsc1259420. - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme: Fixed a multipath crash caused by the flush request when blktrace is enabled. The flush request initialized by blkkickflush has a NULL bio. This issue may be addressed during the nvmeendreq operation during io completion...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: blktrace: Fixed a UAF in the blkTraceAccess function after removal by sysfs. There is a use-after-free issue triggered by the following process: bash P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blkTraceRemoveQueue...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: trace/blktrace: A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must also call dput, otherwise a memory leak will occur over time. To simplify things, simply call debugfslookupandremove, whi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: block: fixed leakage of debugfs entries caused by blktrace. The commit 99d055b4fd4b “block: removed per-disk debugfs files in blkunregisterqueue” moves the blkTraceShutdown function to blkUnregisterQueue. This is safe if blktrace...
CVE-2026-23374
A flaw was found in the Linux kernel's blktrace component. This vulnerability arises when the tracingrecordcmdline function attempts to access a per-CPU variable in a preemptible context, which is an unsafe operation. A local attacker could exploit this to trigger a kernel bug, potentially leadin...
SUSE CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
EUVD-2026-15363
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
UBUNTU-CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
CVE-2026-23374 blktrace: fix __this_cpu_read/write in preemptible context
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
CVE-2026-23374
CVE-2026-23374 affects the Linux kernel blktrace path. The root cause is tracing_record_cmdline() using __this_cpu_read()/__this_cpu_write() on a per-CPU variable while preemption is enabled, which is unsafe and triggers a kernel BUG in preemptible code through __blk_add_trace() paths. Public wri...
CVE-2026-23374 blktrace: fix __this_cpu_read/write in preemptible context
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
CVE-2026-23374
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesave, and tracesavecmdline explicitly asserts preemption is disabled via...
Linux Distros Unpatched Vulnerability : CVE-2026-23374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blktrace: fix thiscpuread/write in preemptible context tracingrecordcmdline internally uses thiscpuread and thiscpuwrite on the per-CPU variable tracecmdlinesav...
NewStart CGSL MAIN 6.06 (SP) : blktrace Vulnerability (NS-SA-2026-0021)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has blktrace packages installed that are affected by a vulnerability: - blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in btt/devmap.c because the device...
MiracleLinux 7 : kernel-3.10.0-1127.8.2.el7 (AXSA:2020-121:05)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-121:05 advisory. kernel: double free may be caused by the function allocatetracebuffer in the file kernel/trace/trace.c CVE-2017-18595 kernel: use-after-free in...
MiracleLinux 7 : blktrace-1.0.5-9.el7 (AXSA:2019-4120:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4120:01 advisory. blktrace: buffer overflow in the devmapread function in btt/devmap.c CVE-2018-10689 Tenable has extracted the preceding description block directly from the...