15 matches found
erofs: add GFP_NOIO in the bio completion if needed
...
CVE-2023-54242
In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by zero error. Fix this by continuing to the next level. This was discovered by running as root: stress-...
UBUNTU-CVE-2022-50488
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ================================================================== BUG: KASAN: use-after-free in bfq_select_queue+0x378/0xa30 CPU: 6 PID:...
SUSE-SU-2025:20703-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues: - CVE-2025-38087: net/sched: fix use-after-free in taprio_dev_notifier (bsc#1245505) - CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1242579) - CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to...
PT-2025-46600
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the handling of hardware queue contexts within the block I/O management framework blk-mq. Specifically, the code does not verify the success ...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible overflow of the bioffset field when a large page is added to the bio at the block level...
DEBIAN-CVE-2022-49167
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not double complete bio on errors during compressed reads I hit some weird panics while fixing up the error handling from btrfs_lookup_bio_sums(). Turns out the compression path will complete the bio we use if we set up any ...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs CVE-2023-52913 In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets CVE-2024-26718 In the Linux kernel, the following...
kernel: block: don't call rq_qos_ops->done_bio if the bio isn't tracked
A vulnerability was found in the Linux kernel, where improper handling of block I/O requests when a block I/O request bio is not tracked, the kernel erroneously calls the rq_qos_ops->done_bio function, potentially leading to use-after-free issues. This situation can occur when the request queue is...
AZL-62696 CVE-2024-41067 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: handle RST lookup error correctly BUG When running btrfs/060 with forced RST feature, it would crash the following ASSERT inside scrub_read_endio(): ASSERTsectornr nrsectors; Before that, we would have tree dump from...
kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.
A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circula...
kernel: bfq: Make sure bfqg for which we are queueing requests is online
A use-after-free vulnerability exists in the Linux kernel. The bios queued into the BFQ IO scheduler can be associated with a cgroup that was already offline. This issue may then cause the insertion of this bfq_group into a service tree. This bfq_group will get freed as soon as the last associated...
kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body
A flaw was found in the Linux kernel's implementation of the BFQ IO scheduler. This flaw allows a local user able to groom system memory to cause kernel memory corruption and possible privilege escalation by abusing a race condition in the IO scheduler...
Google Android Kernel Component Elevation of Privilege Vulnerability (CNVD-2018-05460)
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Google Android Kernel component Multi-queue block IO. An attacker can exploit this vulnerability to achieve elevatio...
USN-3444-2 linux-lts-xenial vulnerabilities
USN-3444-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jan H. Schönherr discovered that the Xen subsystem did not properly handle block IO...