92 matches found
CVE-2026-53117
A flaw was found in the Linux kernel, specifically within the s390/cio component. When a driver is being probed, a race condition can occur where the driveroverride field is accessed without proper locking. This can lead to a Use-After-Free UAF vulnerability, which may result in system instabilit...
Linux Distros Unpatched Vulnerability : CVE-2026-53117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/cio: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held...
EUVD-2026-38985
In the Linux kernel, the following vulnerability has been resolved: s390/cio: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can...
CVE-2026-53117
The CVE-2026-53117 issue affects the Linux kernel (s390/cio). During driver probing in __driver_attach(), the bus match() callback can access the driver_override field without the required device lock, creating a potential use-after-free. The fix switches to the driver-core driver_override infras...
CVE-2026-53117
In the Linux kernel, the following vulnerability has been resolved: s390/cio: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can...
PT-2026-52011
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the s390/cio component. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock...
CVE-2026-45981
A flaw was found in the Linux kernel, specifically within the s390/cio component. This vulnerability stems from incorrect device lifecycle management during subchannel allocation. This could allow an attacker to trigger use-after-free or double-free conditions, potentially leading to system...
CVE-2026-45981
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
Linux Distros Unpatched Vulnerability : CVE-2026-45981
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask o...
CVE-2026-45981
s390/cio: Fix device lifecycle handling in cssallocsubchannel...
PT-2026-43848
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the css alloc subchannel function where device initialize is called before the DMA masks are configured. If the dma set coherent mask or dma set mask functions fail, t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fixed an out-of-bounds access issue related to the cioignore function. The channel-subsystem-driver scans for newly available devices whenever device IDs are removed from the cioignore list, using commands like: echo fr...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Ensure that the copied buf is terminated with NUL characters. Currently, we allocate a kernel buffer of size lbuf and copy lbuf from userspace to that buffer. Later, we use the scanf function on this buffer, but we do n...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27009)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27009 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition...
EUVD-2022-55548
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for...
SUSE CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
DEBIAN-CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...
UBUNTU-CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cioignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cioignore list using a command such as: echo free /proc/cioignore Since ...