Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide that two queues are worth merging and set bic-stablemergebfqq and the moment bfqsetupmerge is called...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: bfq: Ensure that the bfqg resource, against which we are queuing requests, is online. BiOS queued into the BFQ IO scheduler can be associated with a cgroup that was already offline. This may lead to the insertion of this...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-007026)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007026 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq-bic' Our test report a uaf for 'bfqq-bic' in 5.10:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989739 advisory. In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different...

EUVD-2022-55666

In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpiputtable to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpigettable to get the ACPI information, but the acpigettable should be coupled with...

SUSE CVE-2022-50488

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq-bic' Our test report a uaf for 'bfqq-bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfqselectqueue+0x378/0xa30 CPU: 6 PID:...

UBUNTU-CVE-2022-50329

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfqexiticqbfqq Commit 64dc8c732f5c "block, bfq: fix possible uaf for 'bfqq-bic'" will access 'bic-bfqq' in bicsetbfqq, however, bfqexiticqbfqq can free bfqq first, and then call bicsetbfqq, which...

SUSE-SU-2025:02075-1 Security update for the Linux Kernel (Live Patch 59 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122225 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...

UBUNTU-CVE-2022-49412

In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge and set bic-stablemergebfqq and the moment bfqsetupmerge is called. This...

UBUNTU-CVE-2022-49411

In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO scheduler can be associated with a cgroup that was already offlined. This may then cause insertion of this bfqgroup into a service tree. But...

AZL-50829 CVE-2024-49854 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...

kernel: bfq: Avoid merging queues with different parents

In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge and set bic-stablemergebfqq and the moment bfqsetupmerge is called. This...