230 matches found
CVE-2022-48913
In the Linux kernel, the following vulnerability has been resolved: blktrace: fix use after free for struct blktrace When tracing the whole disk, 'dropped' and 'msg' will be created under 'q-debugfsdir' and 'bt-dir' is NULL, thus blktracefree won't remove those files. What's worse, the following...
RHEL 5 : blktrace (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - blktrace: buffer overflow in the devmapread function in btt/devmap.c CVE-2018-10689 Note that Nessus has not tested...
RHEL 6 : blktrace (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - blktrace: buffer overflow in the devmapread function in btt/devmap.c CVE-2018-10689 Note that Nessus has not tested...
SUSE CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
DEBIAN-CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
UBUNTU-CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
CVE-2021-47375 blktrace: Fix uaf in blk_trace access after removing by sysfs
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
CVE-2021-47375
CVE-2021-47375 affects the Linux kernel blktrace code. The issue is a use-after-free in blk_trace access after removing by sysfs, triggered during trace_note_tsk execution after blk_trace_free, leading to a kernel NULL pointer dereference (as shown by the provided log). The reproduction involves ...
CVE-2021-47375 blktrace: Fix uaf in blk_trace access after removing by sysfs
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
RHEL 5 : blktrace (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - blktrace: buffer overflow in the devmapread function in btt/devmap.c CVE-2018-10689 Note that Nessus has not tested...
kernel: nvme: fix multipath crash caused by flush request when blktrace is enabled
In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blkkickflush has NULL bio, and it may be dealt with nvmeendreq during io completion. When blktrace is enabled,...
kernel: trace/blktrace: fix memory leak with using debugfs_lookup()
In the Linux kernel, the following vulnerability has been resolved: trace/blktrace: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instea...
PT-2025-38390
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the trace/blktrace module when using the debugfs lookup function. Failing to call dput on the result of debugfs lookup leads to a memory leak over time. The issue...
Oracle Linux 7 : blktrace (ELSA-2019-2162)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-2162 advisory. 1.0.5-9 - Fix buffer overflow in the devmapread function 1580579 Fixes CVE-2018-10689 Tenable has extracted the preceding description block directly from the...
kernel: nvme: fix multipath crash caused by flush request when blktrace is enabled
In the Linux kernel, the following vulnerability has been resolved: nvme: fix multipath crash caused by flush request when blktrace is enabled The flush request initialized by blkkickflush has NULL bio, and it may be dealt with nvmeendreq during io completion. When blktrace is enabled,...