757 matches found
kernel: dm integrity: Fix UAF in dm_integrity_dtr()
A use-after-free vulnerability was found in the Linux kernel's device mapper integrity subsystem. When dmresume and dmdestroy execute concurrently, a timer may fire and access freed memory because dmintegritydtr did not properly cancel the timer before freeing resources. The fix adds an additiona...
kernel: dm thin: Use last transaction's pmd->root when commit failed
A metadata handling flaw was found in the Linux kernel device-mapper thin provisioning driver. After a failed metadata commit, the in-memory root pointer could reference a mixed set of fresh and stale tree nodes. Subsequent lookups may loop or stall. A local user could use this flaw to cause the...
kernel: dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
An ABBA deadlock flaw was found in the Linux kernel's device-mapper thin provisioning subsystem between the memory reclaim path and metadata abort handling. A local user can trigger this issue by initiating cache drop operations while dm-thin operations are active, causing process P1 to hold...
device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to...
Moderate: Red Hat Security Advisory: device-mapper-multipath security and bug fix update
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 8 : device-mapper-multipath (RHSA-2023:2948)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2948 advisory. The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes:...
CentOS 8 : device-mapper-multipath (CESA-2023:2948)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:2948 advisory. - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able t...
Moderate: device-mapper-multipath security and bug fix update
The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes: device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 For more details about the securi...
The vulnerability of the table_clear() function in the drivers/md/dm-ioctl.c file of the Linux kernel’s device-mapper driver allows a hacker to cause a service failure.
The vulnerability of the tableclear function in the drivers/md/dm-ioctl.c file of the Linux kernel’s device-mapper driver is related to recursive locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
Oracle Linux 9 : device-mapper-multipath (ELSA-2023-2459)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2459 advisory. 0.8.7-20 - Add 0083-multipath.rules-fix-smart-bug-with-failed-valid-path.patch - Add 0084-libmultipath-limit-paths-that-can-get-wwid-from-envi.patch - Change ho...
Fedora 36 : kernel (2023-00393126a0)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-00393126a0 advisory. The 6.2.15 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
OESA-2023-1277 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to...
OESA-2023-1276 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to...
RHEL 9 : device-mapper-multipath (RHSA-2023:2459)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2459 advisory. The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes:...
device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to...
kernel: dm cache: Fix UAF in destroy()
In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy are concurrent. Therefore, cancelling timer again in destroy...
kernel: dm thin: Use last transaction's pmd->root when commit failed
A metadata handling flaw was found in the Linux kernel device-mapper thin provisioning driver. After a failed metadata commit, the in-memory root pointer could reference a mixed set of fresh and stale tree nodes. Subsequent lookups may loop or stall. A local user could use this flaw to cause the...
kernel: dm thin: Fix UAF in run_timer_softirq()
In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...
kernel: dm clone: Fix UAF in clone_dtr()
A use-after-free vulnerability was found in the device-mapper clone target. When dmresume and dmdestroy execute concurrently, a timer may fire after the clone target structure has been freed, leading to use-after-free...
kernel: dm cache: free background tracker's queued work in btracker_destroy
A memory leak was found in the device-mapper cache target in the Linux kernel. The btrackerdestroy function fails to free queued work items from the background tracker before destroying the slab cache. This triggers a BUG when kmemcacheshutdown finds objects still remaining...