51 matches found
CVE-2026-45997
A flaw was found in the Linux kernel's SCSI disk sd driver. When adding a new device, a failure in deviceadd can lead to a resource leak where a gendisk remains referenced but is not properly freed. This missing cleanup, specifically the putdisk call, can result in resource exhaustion. A local...
CVE-2026-45997
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...
CVE-2026-45997 scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...
EUVD-2026-32293
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...
PT-2026-43864
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference-count leak occurs in the SCSI subsystem. When the device add&disk dev function fails, put device triggers scsi disk release, which frees the scsi disk but fails to release th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: md: Avoid repeated calls to delgendisk. There is a UAF Uninitialized Address Fault issue that was detected during case 23rdev-lifetime. Oops: General Protection Fault; likely due to a non-canonical address of 0xdead000000000122...
CVE-2023-54209
In the Linux kernel, the following vulnerability has been resolved: block: fix blktrace debugfs entries leakage Commit 99d055b4fd4b "block: remove per-disk debugfs files in blkunregisterqueue" moves blktraceshutdown from blkreleasequeue to blkunregisterqueue, this is safe if blktrace is created...
CVE-2023-54209
In the Linux kernel, the following vulnerability has been resolved: block: fix blktrace debugfs entries leakage Commit 99d055b4fd4b "block: remove per-disk debugfs files in blkunregisterqueue" moves blktraceshutdown from blkreleasequeue to blkunregisterqueue, this is safe if blktrace is created...
UBUNTU-CVE-2023-54209
In the Linux kernel, the following vulnerability has been resolved: block: fix blktrace debugfs entries leakage Commit 99d055b4fd4b "block: remove per-disk debugfs files in blkunregisterqueue" moves blktraceshutdown from blkreleasequeue to blkunregisterqueue, this is safe if blktrace is created...
CVE-2023-54209
CVE-2023-54209 — In the Linux kernel, a leak of debugfs entries for blktrace could occur when a disk is closed after del_gendisk() if blktrace remained enabled via an ioctl opened before del_gendisk. The fix moves blktrace shutdown to disk_release() and relies on the reentrancy of blk_trace_remov...
PT-2025-54038
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the handling of blktrace debugfs entries. A regression was introduced where debugfs entries could be leaked if blktrace was enabled after a...
SUSE CVE-2025-68373
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...
EUVD-2023-60328
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with listadd corruption Commit fb08a1908cb1 "dax: simplify the daxdevice gendisk association" introduced new logic for gendisk association, requiring drivers to explicitly call daxaddhost and...
UBUNTU-CVE-2023-54117
In the Linux kernel, the following vulnerability has been resolved: s390/dcssblk: fix kernel crash with listadd corruption Commit fb08a1908cb1 "dax: simplify the daxdevice gendisk association" introduced new logic for gendisk association, requiring drivers to explicitly call daxaddhost and...
EUVD-2025-205081
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...
CVE-2025-68373
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...
CVE-2025-68373
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...
CVE-2025-68373 md: avoid repeated calls to del_gendisk
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...
CVE-2025-68373 md: avoid repeated calls to del_gendisk
In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...
CVE-2025-68373
Summary: CVE-2025-68373 relates to the Linux kernel md subsystem where a race can trigger use-after-free in del_gendisk during reconfig, leading to a fault (non-canonical address 0xdead000000000122) as shown in the stack trace. The provided patches introduce a new flag, MD_DO_DELETE, to prevent t...