Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: Block, bfq: Fixed a potential UAF issue for bfqq-bic when using the merge chain. 1 Initial state: Three tasks: - Process 1 Process 2 Process 3 - BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | V | V | V bfqq1 bfqq2 bfqq3 Process referenc...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003348 advisory. The xenbiovecphysmergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002681)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002681 advisory. The xenbiovecphysmergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain...

block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock

...

CVE-2023-54242

In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by zero error. Fix this by continuing to the next level. This was discovered by running as root: stress-...

CVE-2023-54242

CVE-2023-54242 affects the Linux kernel in the block bfq I/O elevator. The issue is a division by zero when the weighted sum (wsum) equals zero, causing an invalid calculation of the limit during bfq_limit_depth. The vulnerability could trigger a divide error as observed in a stress-ng stress tes...

kernel: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix wakerbfqq UAF after bfqsplitbfqq Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr ffff8881b57147d8 by task...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990619 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the...

CVE-2023-53730 blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spinlockirqsave in adjustinuseandcalccost adjustinuseandcalccost use spinlockirq and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabled IRQ before invoking it. Fix it b...

Linux Distros Unpatched Vulnerability : CVE-2022-50488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block, bfq: fix possible uaf for 'bfqq-bic' Our test report a uaf for 'bfqq-bic' in 5.10: ================================================================== BUG...

EUVD-2018-2760

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987315 advisory. In the Linux kernel, the following vulnerability has been resolved: bfq: Make sure bfqg for which we are queueing requests is online Bios queued into BFQ IO schedule...

EUVD-2022-55526

Malicious code in bioql PyPI...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-50208: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages bsc1233118 CVE-2024-50250: fsdax: daxunshareiter needs to copy entire blocks bsc1233227 CVE-2024-53146: NFSD: prevent a potential integer...

CVE-2022-49266

In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rqqosdonebio a647a524a467 "block: don't call rqqosops-donebio if the bio isn't tracked" made bioendio skip rqqosdonebio if BIOTRACKED is not set. While this fixed a potential oops, it also...

SUSE CVE-2025-21631

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix wakerbfqq UAF after bfqsplitbfqq Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr ffff8881b57147d8 by task...

AZL-56315 CVE-2025-21631 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix wakerbfqq UAF after bfqsplitbfqq Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr ffff8881b57147d8 by task...

DEBIAN-CVE-2025-21631

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix wakerbfqq UAF after bfqsplitbfqq Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 Read of size 8 at addr ffff8881b57147d8 by task...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the block, bfq module where the bfqlimitdepth function accesses bfqq unlocked, which could lead to reuse...

kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race

In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rqqoswait vs. rqqoswakefunction race We're seeing crashes from rqqoswakefunction that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 PF: supervisor write access in kernel...