23 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: moving async event work off nvmet-wq For the target function nvmetctrlfree, the variable ctrl-asynceventwork is flushed. If nvmetctrlfree runs on nvmet-wq, the flush re-enters the workqueue completion for the same worker. ...
CVE-2026-31557
In the Linux kernel, the following vulnerability has been resolved: nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue completion for the same worker:- A. Async event work queued on...
CVE-2026-31557
Summary of CVE-2026-31557 (Linux kernel) : The issue affects the NVMe over Fabrics target (nvmet/nvmet_rdma) where flushing an asynchronous-event work item on nvmet-wq can recurse the same worker, risking a deadlock and DoS. The root cause is a potential re-entrant lock when nvmet_ctrl_free() flu...
CVE-2026-31557 nvmet: move async event work off nvmet-wq
In the Linux kernel, the following vulnerability has been resolved: nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue completion for the same worker:- A. Async event work queued on...
CVE-2026-31557
In the Linux kernel, the following vulnerability has been resolved: nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue completion for the same worker:- A. Async event work queued on...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the nvmetctrlfree function to refresh asynceventwork on the nvmet-wq layer. This...
Linux Distros Unpatched Vulnerability : CVE-2026-31557
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue...
SUSE CVE-2023-53767
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kqmidrivereventwork Currently the buffer pointed by event is not freed in case ATH12KFLAGUNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event...
DEBIAN-CVE-2023-53767
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kqmidrivereventwork Currently the buffer pointed by event is not freed in case ATH12KFLAGUNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event...
CVE-2023-53767 wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kqmidrivereventwork Currently the buffer pointed by event is not freed in case ATH12KFLAGUNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event...
CVE-2023-53767 wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kqmidrivereventwork Currently the buffer pointed by event is not freed in case ATH12KFLAGUNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event...
CVE-2023-53767
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kqmidrivereventwork Currently the buffer pointed by event is not freed in case ATH12KFLAGUNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event...
PT-2025-49497
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ath12k qmi driver event work function within the ath12k driver. The issue occurs when the ATH12K FLAG UNREGISTERING bit is set, preventing the proper freeing ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988695)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988695 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport errorrecovery work While...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986400)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986400 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport errorrecovery work While...
DEBIAN-CVE-2025-37772
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix workqueue crash in cmaneteventworkhandler struct rdmacmid has member "struct workstruct network" that is reused for enqueuing cmaneteventworkhandlers onto cmawq. Below crash1 can occur if more than one call to...
The vulnerability of the nvmeevent_work() function in the Linux operating system’s NVMe driver allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the nvme in the drivers/nvme/host/core.c file of the Linux NVMe kernel driver is related to the reutilization of previously freed memory due to competitive access to resources race condition. Exploiting this vulnerability could allow an attacker to compromise the...
SUSE CVE-2022-48789
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix possible use-after-free in transport errorrecovery work While nvmetcpsubmitasynceventwork is checking the ctrl and queue state before preparing the AER command and scheduling iowork, in order to fully prevent a race...
SUSE CVE-2022-48788
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport errorrecovery work While nvmerdmasubmitasynceventwork is checking the ctrl and queue state before preparing the AER command and scheduling iowork, in order to fully prevent a ra...
AZL-47446 CVE-2022-48788 affecting package kernel for versions less than 5.15.32.1-3
In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport errorrecovery work While nvmerdmasubmitasynceventwork is checking the ctrl and queue state before preparing the AER command and scheduling iowork, in order to fully prevent a ra...