87 matches found
EUVD-2026-38985
In the Linux kernel, the following vulnerability has been resolved: s390/cio: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can...
CVE-2026-45981
A flaw was found in the Linux kernel, specifically within the s390/cio component. This vulnerability stems from incorrect device lifecycle management during subchannel allocation. This could allow an attacker to trigger use-after-free or double-free conditions, potentially leading to system...
CVE-2026-45981
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
Linux Distros Unpatched Vulnerability : CVE-2026-45981
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask o...
CVE-2026-45981
s390/cio: Fix device lifecycle handling in cssallocsubchannel...
PT-2026-43848
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the css alloc subchannel function where device initialize is called before the DMA masks are configured. If the dma set coherent mask or dma set mask functions fail, t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fixed an out-of-bounds access issue related to the cioignore function. The channel-subsystem-driver scans for newly available devices whenever device IDs are removed from the cioignore list, using commands like: echo fr...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27009)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27009 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition...
EUVD-2022-55548
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for...
SUSE CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
DEBIAN-CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
UBUNTU-CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307 s390/cio: fix out-of-bounds access on cio_ignore free
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307 s390/cio: fix out-of-bounds access on cio_ignore free
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307
In CVE-2022-50307, the Linux kernel s390/cio subsystem had an out-of-bounds read during cio_ignore free scans. The bug arose from an optimization that excluded online devices from scans, incorrectly assuming I/O-subchannel drvdata pointed to a private struct, which is invalid for devices bound to...
PT-2025-37609
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The channel-subsystem-driver incorrectly assumes that an I/O-subchannel's drvdata points to a struct io subchannel private for devices bound to a non-default I/O subchannel driver, suc...
Malicious code in @zalastax/nolb-cio (npm)
The package @zalastax/nolb-cio was found to contain malicious code...
MAL-2025-10912 Malicious code in @zalastax/nolb-cio (npm)
The package @zalastax/nolb-cio was found to contain malicious code...