25 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: Do not issue a warning if iocg was already offline. In iocgpaydebt, a warning is triggered if ‘activelist’ is empty. This is intended to confirm that iocg is active when it has debts. However, a warning can still be...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fixed the divide by 0 error in calclcoefs The issue arises when the maximum value of type u64 is set to cost.model, which can lead to a divide by 0 error. For example: echo 8:0 rbps=18446744073709551615...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: Avoid out-of-bounds shifts. UBSAN encounters undefined behavior in blk-iocost, where sometimes iocg-delay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. 186.5565...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013797)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013797 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010777)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010777 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992752 advisory. In the Linux kernel, the following vulnerability has been resolved: blkiocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in...
CVE-2023-53783
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by 0 error. echo 8:0 rbps=18446744073709551615 /sys/fs/cgroup/io.cost.model divide error: 0000 1 PREEMPT SMP RIP:...
DEBIAN-CVE-2023-53783
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by 0 error. echo 8:0 rbps=18446744073709551615 /sys/fs/cgroup/io.cost.model divide error: 0000 1 PREEMPT SMP RIP:...
CVE-2023-53783
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by 0 error. echo 8:0 rbps=18446744073709551615 /sys/fs/cgroup/io.cost.model divide error: 0000 1 PREEMPT SMP RIP:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990819)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990819 advisory. In the Linux kernel, the following vulnerability has been resolved: blkiocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in...
CVE-2023-53730
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spinlockirqsave in adjustinuseandcalccost adjustinuseandcalccost use spinlockirq and IRQ will be enabled when unlock. DEADLOCK might happen if we have held other locks and disabled IRQ before invoking it. Fix it b...
PT-2025-43131
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.10.0-02758-g8e5f91fd772f 26 Description The Linux kernel contained a flaw within the block I/O cost blk-iocost subsystem. Specifically, the adjust inuse and calc cost function utilized spin lock irq and enabled...
The vulnerability of the iocg_pay_debt() function in the block/blk-iocost.c module, which supports the block-level kernel in the Linux operating system. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the iocgpaydebt function in the block/blk-iocost.c module, which supports the block-level kernel in the Linux operating system, is related to incorrect validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity...
UBUNTU-CVE-2022-49266
In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rqqosdonebio a647a524a467 "block: don't call rqqosops-donebio if the bio isn't tracked" made bioendio skip rqqosdonebio if BIOTRACKED is not set. While this fixed a potential oops, it also...
blk_iocost: fix more out of bound shifts
...
The vulnerability of the iocg_kick_delay() function in the block/blk-iocost.c module of the blk-iocost component of the Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the iocgkickdelay function in the block/blk-iocost.c module of the blk-iocost component of the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...
DEBIAN-CVE-2024-49933
In the Linux kernel, the following vulnerability has been resolved: blkiocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the iocforgivedebts function: UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38 shift exponent 80 is too large for 64-bit typ...
UBUNTU-CVE-2024-49933
In the Linux kernel, the following vulnerability has been resolved: blkiocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the iocforgivedebts function: UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38 shift exponent 80 is too large for 64-bit typ...
SUSE CVE-2024-36908
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: do not WARN if iocg was already offlined In iocgpaydebt, warn is triggered if 'activelist' is empty, which is intended to confirm iocg is active when it has debt. However, warn can be triggered during a blkcg or disk...
DEBIAN-CVE-2024-36916
In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg-delay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. 186.556576...