85 matches found
CVE-2026-45981
A flaw was found in the Linux kernel, specifically within the s390/cio component. This vulnerability stems from incorrect device lifecycle management during subchannel allocation. This could allow an attacker to trigger use-after-free or double-free conditions, potentially leading to system...
CVE-2026-45981
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
CVE-2026-45981
s390/cio: Fix device lifecycle handling in cssallocsubchannel...
Linux Distros Unpatched Vulnerability : CVE-2026-45981
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask o...
PT-2026-43848
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in css alloc subchannel css alloc subchannel calls device initialize before setting up the DMA masks. If dma set coherent mask or dma set mask fails, the error path frees the subchannel...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Ensure that the copied buf is terminated with NUL characters. Currently, we allocate a kernel buffer of size lbuf and copy lbuf from userspace to that buffer. Later, we use the scanf function on this buffer, but we do n...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27009)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27009 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition...
EUVD-2022-55548
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for...
SUSE CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
DEBIAN-CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
UBUNTU-CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307 s390/cio: fix out-of-bounds access on cio_ignore free
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307 s390/cio: fix out-of-bounds access on cio_ignore free
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307
In CVE-2022-50307, the Linux kernel s390/cio subsystem had an out-of-bounds read during cio_ignore free scans. The bug arose from an optimization that excluded online devices from scans, incorrectly assuming I/O-subchannel drvdata pointed to a private struct, which is invalid for devices bound to...
PT-2025-37609
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The channel-subsystem-driver incorrectly assumes that an I/O-subchannel's drvdata points to a struct io subchannel private for devices bound to a non-default I/O subchannel driver, suc...
Malicious code in @zalastax/nolb-cio (npm)
The package @zalastax/nolb-cio was found to contain malicious code...
MAL-2025-10912 Malicious code in @zalastax/nolb-cio (npm)
The package @zalastax/nolb-cio was found to contain malicious code...