12 matches found
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: The crypto keyslot should be released before reporting I/O completion. Once all I/O using the blkcryptokey is completed, the file systems can call blkcryptoevictkey. However, the block layer currently does not call...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013016)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013016 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey ha...
SUSE CVE-2023-53810
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
EUVD-2023-60096
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
DEBIAN-CVE-2023-53810
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
CVE-2023-53810
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
UBUNTU-CVE-2023-53810
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
CVE-2023-53810 blk-mq: release crypto keyslot before reporting I/O complete
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
CVE-2023-53810
CVE-2023-53810 is a Linux kernel race condition in the blk-mq/keyslot path. After I/O using a blk_crypto_key completes, keyslot release was delayed until request free, potentially allowing blk_crypto_evict_key() to observe non-zero slot_refs while there is no active bug. The vulnerability manifes...
CVE-2023-53810
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blkcryptokey has completed, filesystems can call blkcryptoevictkey. However, the block layer currently doesn't call blkcryptoputkeyslot until the...
PT-2025-49670
In the Linux kernel, the following vulnerability has been resolved: blk-mq: release crypto keyslot before reporting I/O complete Once all I/O using a blk crypto key has completed, filesystems can call blk crypto evict key. However, the block layer currently doesn't call blk crypto put keyslot unt...
kernel: blk-mq: release crypto keyslot before reporting I/O complete
A flaw was identified in the block multi-queue blk-mq subsystem of the Linux kernel where the crypto keyslot associated with a block I/O request could be released after upper layers have been notified that the I/O operation completed. Under certain conditions, this could lead to a use-after-free ...