Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Block, bfq: Fixed a possible Use After Free UAF for ‘bfqq-bic’. Our test report identified a UAF for ‘bfqq-bic’ in 5.10: Bug: KASAN: Use After Free in bfqselectqueue+0x378/0xa30. CPU: 6 PID: 2318352 Comm: fsstress Kdump: Loaded;...

CVE-2023-54242

In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by zero error. Fix this by continuing to the next level. This was discovered by running as root: stress-...

Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024147 fixes several issues. The following security issues were fixed: CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages bsc1235921...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommusvabinddevice CVE-2024-40945 In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfqlimitdepth CVE-2024-53166 In the Linux kernel, the...

SUSE CVE-2022-49179

In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq Our test report a UAF: 2073.019181 ================================================================== 2073.019188 BUG: KASAN: use-after-free in bfqputasyncbfqq+0xa0/0x168 2073.019191 Write of size 8...

CVE-2024-53166

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfqlimitdepth Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd-lock, however bfqlimitdepth is deferencing bfqq from bic without the lock, this can lead to UAF if t...