CVE-2022-49902 block: Fix possible memory leak for rq_wb on add_disk failure

In the Linux kernel, the following vulnerability has been resolved: block: Fix possible memory leak for rqwb on adddisk failure kmemleak reported memory leaks in deviceadddisk: kmemleak: 3 new suspected memory leaks unreferenced object 0xffff88800f420800 size 512: comm "modprobe", pid 4275, jiffi...

USN-7451-1 linux-aws-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq CVE-2022-49179 In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev CVE-2022-49390 In the Linux kernel, the following vulnerability has...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq CVE-2022-49179 In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev CVE-2022-49390 In the Linux kernel, the following vulnerability has...

OESA-2025-1338 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rqqosdonebio a647a524a467 "block: don't call rqqosops-donebio if the bio isn't tracked" made bioendio skip rqqosdonebio ...

SUSE CVE-2022-49406

In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...

SUSE CVE-2022-49694

In the Linux kernel, the following vulnerability has been resolved: block: disable the elevator int delgendisk The elevator is only used for file system requests, which are stopped in delgendisk. Move disabling the elevator and freeing the scheduler tags to the end of delgendisk instead of doing...

UBUNTU-CVE-2022-49406

In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blkiarangesysfsshow When being read, a sysfs attribute is already protected against removal with the kobject node active reference counter. As a result, in blkiarangesysfsshow, there is no need to...

UBUNTU-CVE-2022-49259

In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if one of the child kobjec...

DEBIAN-CVE-2022-49147

In the Linux kernel, the following vulnerability has been resolved: block: Fix the maximum minor value is blkallocextminor idaallocrange..., min, max, ... returns values from min to max, inclusive. So, NREXTDEVT is a valid idx returned by blkallocextminor. This is an issue because in deviceadddis...

UBUNTU-CVE-2022-49179

In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq Our test report a UAF: 2073.019181 ================================================================== 2073.019188 BUG: KASAN: use-after-free in bfqputasyncbfqq+0xa0/0x168 2073.019191 Write of size 8...

CVE-2022-49266

In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rqqosdonebio a647a524a467 "block: don't call rqqosops-donebio if the bio isn't tracked" made bioendio skip rqqosdonebio if BIOTRACKED is not set. While this fixed a potential oops, it also...

CVE-2022-49259

In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects are deleted. Apparently this is usually benign; however, a WARN will be triggered if one of the child kobjec...

SUSE-SU-2025:20073-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52610: net/sched: actct: fix skb leak and crash on ooo frags bsc1221610. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow...

PT-2025-2981 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-10553-gb86545e02e8c Description: A potential deadlock issue has been identified in the Linux kernel. The queue attr store function first freezes the queue -q usage counterio and then acquires -sysfs lock...

CVE-2024-53170

In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blkmqclearflushrqmapping is not called during scsi probe, by checking blkqueueinitdone. However, QUEUEFLAGINITDONE is cleared in delgendisk by commit aec89dc5d421 "block: keep...

CVE-2024-53166

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfqlimitdepth Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd-lock, however bfqlimitdepth is deferencing bfqq from bic without the lock, this can lead to UAF if t...

CVE-2024-53170 block: fix uaf for flush rq while iterating tags

In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blkmqclearflushrqmapping is not called during scsi probe, by checking blkqueueinitdone. However, QUEUEFLAGINITDONE is cleared in delgendisk by commit aec89dc5d421 "block: keep...

kernel: block: fix deadlock between bd_link_disk_holder and partition scan

A flaw was found in the Linux kernel, where a deadlock can occur between bdlinkdiskholder and partition scan...

kernel: block: fix request.queuelist usage in flush

A vulnerability was found in the Linux kernel's block subsystem, where the issue arises when the request queue list is not properly initialized for the first request in the PREFLUSH/POSTFLUSH sequences, leading to potential kernel crashes due to improper list manipulation...