Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevents potential Spectre v1 exploits. It seems that cmd could be a Spectre v1 exploit, as it is provided by a user and used as an array index. This vulnerability prevents the contents of kernel memory from being leake...

Linux Distros Unpatched Vulnerability : CVE-2026-46294

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm- ioctl in the function retrievestatus: 1. The code in...

CVE-2026-46294

A flaw was found in the Linux kernel, specifically within the dm-ioctl module. An improper pointer alignment in the retrievestatus function could lead to a buffer overflow, where data is written beyond the allocated buffer. Despite this, the vulnerability has no practical security implications as...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a buffer overflow issue during the processing of dm-ioctl commands. This vulnerability could lead...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the drivers/md/dm-ioctl.c file of the Linux kernel, up to version 6.7.1, copyparams may attempt to allocate more than INTMAX bytes, resulting in a crash due to the absence of the paramkernel-datasize check. This issue is related to ctlioctl...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001397)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001397 advisory. An out-of-bounds OOB memory write flaw was found in listdevices in drivers/md/dm-ioctl.c in the Multi- device driver module in the Linux kernel before 5.12. A bound...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991132)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991132 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990770)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990770 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990020 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989353 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

EUVD-2025-12992

Malicious code in bioql PyPI...

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

CVE-2022-49771

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first estimate the required space using the "dmtargetiteratelistversiongetneeded, &needed" call and then will fill the space using the...

CVE-2022-49771 dm ioctl: fix misbehavior if list_versions races with module loading

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first estimate the required space using the "dmtargetiteratelistversiongetneeded, &needed" call and then will fill the space using the...

CVE-2022-49771 dm ioctl: fix misbehavior if list_versions races with module loading

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first estimate the required space using the "dmtargetiteratelistversiongetneeded, &needed" call and then will fill the space using the...

CVE-2022-49771

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first estimate the required space using the "dmtargetiteratelistversiongetneeded, &needed" call and then will fill the space using the...

PT-2025-18488 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bug in the Linux kernel's dm ioctl has been resolved. The issue occurs when the list versions function estimates the required space using the dm target iteratelist version get needed...