USN-8119-1 systemd vulnerabilities

It was discovered that systemd incorrectly handled certain cgroup paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. CVE-2026-29111 It was discovered that the systemd udev component incorrectly handled certain fields received from th...

CVE-2022-49786

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: properly pin the parent in blkcgcssonline blkcgcssonline is supposed to pin the blkcg of the parent, but 397c9f46ee4d refactored things and along the way, changed it to pin the css instead. This results in extra pins,...

CVE-2024-38663

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from resetting io stat Since commit 3b8cc6298724 "blk-cgroup: Optimize blkcgrstatflush", each iostat instance is added to blkcg percpu list, so blkcgresetstats can't reset the stat instance by...

CVE-2021-47488

In the Linux kernel, the following vulnerability has been resolved: cgroup: Fix memory leak caused by missing cgroupbpfoffline When enabling CONFIGCGROUPBPF, kmemleak can be observed by running the command as below: $mount -t cgroup -o none,name=foo cgroup cgroup/ $umount cgroup/ unreferenced...

CVE-2022-48638

CVE-2022-48638 pertains to the Linux kernel cgroup subsystem. The issue stems from cgroup_get_from_id() not validating that the looked-up kn is a directory, which must be a kernfs directory. If the id supplied by userspace points to a non-directory, it can trigger a kernel panic. The connected As...

CVE-2022-48638 cgroup: cgroup_get_from_id() must check the looked-up kn is a directory

In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroupgetfromid must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace...