92 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an assertion failure that occurred when splitting an ordered extent after a transaction abort. If a direct IO write transaction abort occurs, we mark all existing ordered extents with the BTRFSORDEREDIOERR flag done...
CVE-2026-45151 NanoMQ: NULL Pointer Dereference
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Replaces WARNONs with nilfserror in cases where checkpoint acquisition fails. If the creation or finalization of a checkpoint fails due to anomalies in the checkpoint metadata on disk, a kernel warning is generated. This...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca – fixed a situation where the kernel’s NULL pointer was dereferenced due to an IO error. The initial settings will be written before the codec probe function is executed. However, the rt711-component has not yet...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006991)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006991 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure If creation or...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-011297)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011297 advisory. In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add...
CVE-2026-21864
CVE-2026-21864 affects Valkey-Bloom (a Rust module for Valkey KV) where a crafted RESTORE command can trigger a server shutdown due to an assertion during RDB parsing if the VALKEYMODULE_OPTIONS_HANDLE_IO_ERRORS flag is not set. The issue existed despite the module handling parsing; a patch (comm...
CVE-2026-21864 Remote DoS from malformed RESTORE command
Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...
EUVD-2026-7461
Valkey-Bloom is a Rust based Valkey module which brings a Bloom Filter Module data type into the Valkey distributed key-value database. Prior to commit a68614b6e3845777d383b3a513cedcc08b3b7ccd, a specially crafted RESTORE command can cause Valkey to hit an assertion, causes the server to shutdown...
SUSE CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
CVE-2025-71225 md: suspend array while updating raid_disks via sysfs
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001279)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001279 advisory. The cp2112gpiodirectioninput function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-lengt...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassociation waits for pending I/O to complete before returning. An error can cause -ioerrwork to be queued after cancelworksync has been called. Mov...
CVE-2023-54130
In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARNON for sanity check, use proper error handling Commit 55d1cbbbb29e "hfs/hfsplus: use WARNON for sanity check" fixed a build warning by turning a comment into a WARNON, but it turns out that syzbot then...
UBUNTU-CVE-2023-54130
In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARNON for sanity check, use proper error handling Commit 55d1cbbbb29e "hfs/hfsplus: use WARNON for sanity check" fixed a build warning by turning a comment into a WARNON, but it turns out that syzbot then...
CVE-2025-40261
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...
CVE-2025-40261 nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...
PT-2025-49091
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0 Description The Linux kernel contains a flaw within the nvme-fc subsystem. Specifically, the issue arises from improper handling of work queues during the deletion of an NVMe-FC controller association. The...
EUVD-2022-54800
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1CAPSDMA off, a call to hfi1writeiter will dereference a NULL pointer and panic. A typical stack frame is: sdmaselectuserengine hfi1...