EUVD-2026-27674

In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq-bio values have been observed to cause double-initialization of cloned bios in request-based device-mapper targets, leading to use-after-free and...

EUVD-2026-27752

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...

EUVD-2026-27692

In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...

CVE-2026-43278

In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq-bio values have been observed to cause double-initialization of cloned bios in request-based device-mapper targets, leading to use-after-free and...

CVE-2026-43278

The vulnerability CVE-2026-43278 affects the Linux kernel’s device-mapper (dm) component, notably dm-multipath, where stale cloned bio pointers in cloned requests can lead to use-after-free and double-free of bios. The sequence shows cloned bios freed during blk_complete_request() while rq->bi...

CVE-2026-43278 dm: clear cloned request bio pointer when last clone bio completes

In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq-bio values have been observed to cause double-initialization of cloned bios in request-based device-mapper targets, leading to use-after-free and...

CVE-2026-43278

In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq-bio values have been observed to cause double-initialization of cloned bios in request-based device-mapper targets, leading to use-after-free and...

CVE-2026-43192

The provided sources describe CVE-2026-43192 as a Linux kernel issue in the device-mapper multipath (dm mpath) subsystem. A missing cleanup (dm_put_device) when failing to retrieve the SCSI handler name during path parsing (scsi_dh_attached_handler_name) could leak references to the path device. ...

CVE-2026-43192 dm mpath: Add missing dm_put_device when failing to get scsi dh name

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...

CVE-2026-43192

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...

CVE-2026-43132 dm-verity: correctly handle dm_bufio_client_create() failure

In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later called with an ERRPTR argument. That causes a crash. Fix this...

PT-2026-37472

In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dm bufio client create failure If either of the calls to dm bufio client create in verity fec ctr fails, then dm bufio client destroy is later called with an ERR PTR argument. That causes a crash. Fix...

PT-2026-37618

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description Stale rq-bio values in request-based device-mapper targets can cause double-initialization of cloned bios. This leads to use-after-free and double-free scenarios. For instance, when usin...

Linux Distros Unpatched Vulnerability : CVE-2026-43278

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm: clear cloned request bio pointer when last clone bio completes Stale rq-bio values have been observed to cause double-initialization of cloned bios in...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the bio pointer in the cloning request in the dm driver is not cleared after the la...

PT-2026-37532

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dm put device when failing to get scsi dh name When commit fd81bc5cca8f "scsi: device handler: Return error pointer in scsi dh attached handler name" added code to fail parsing the path if scsi dh attached...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blkallocdisk fails If blkallocdisk fails, the variable md-disk is set to an error value. cleanupmappeddevice will see that md-disk is non-NULL and it will attempt to access it, causing a crash on this statement...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: This issue is fixed if the listversions function races with the module loading process. listversions will first estimate the required space using the dmtargetiteratelistversiongetneeded, &needed call, and then fill that...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A denial-of-service issue was detected, possibly due to a recursive locking scenario, which led to a deadlock in the tableclear function in drivers/md/dm-ioctl.c within the Linux Kernel Device Mapper-Multipathing sub-component...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - dm btree remove: fixed the use of a function after the free operation in rebalancechildren. - Moved the dmtmunlock function to after dmtmdec...