Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-crypto: made blkcryptoevictkey more robust. If blkcryptoevictkey determines that the key is still in use due to a bug or that -keyslotevict failed, it currently simply returns without unlinking the key from the keyslot...

CVE-2023-53810

In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...

Linux Distros Unpatched Vulnerability : CVE-2023-53810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, t...

EUVD-2023-60072

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

Linux Distros Unpatched Vulnerability : CVE-2023-53536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blkcryptoevictkey more robust If blkcryptoevictkey sees that the key is sti...

SUSE CVE-2023-53536

In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blkcryptoevictkey more robust If blkcryptoevictkey sees that the key is still in-use due to a bug or that -keyslotevict failed, it currently just returns while leaving the key linked into the keyslot management...

CVE-2023-53536

In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blkcryptoevictkey more robust If blkcryptoevictkey sees that the key is still in-use due to a bug or that -keyslotevict failed, it currently just returns while leaving the key linked into the keyslot management...

CVE-2023-53536

CVE-2023-53536 affects the Linux kernel in the blk-crypto subsystem. The issue stems from blk_crypto_evict_key() sometimes returning early without unlinking the key from the keyslot management structures, while the caller proceeds to free the blk_crypto_key. This mismatch can cause a use-after-fr...

CVE-2023-53536 blk-crypto: make blk_crypto_evict_key() more robust

In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blkcryptoevictkey more robust If blkcryptoevictkey sees that the key is still in-use due to a bug or that -keyslotevict failed, it currently just returns while leaving the key linked into the keyslot management...

CVE-2025-39802 lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit 773426f4771b "crypto: arm/poly1305 - Add block-only interface". This safety check is cheap and is...

kernel: blk-crypto: make blk_crypto_evict_key() more robust

A use-after-free vulnerability was found in the Linux kernel block layer crypto key management. When blkcryptoevictkey fails due to a key still being in-use or keyslot eviction failure during inode eviction, the function returns an error but leaves the key linked in keyslot management structures,...