Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nbd: Fixed an issue where the process got hung during disconnection of a device. In our tests, “qemu-nbd” triggered a hung process: INFO: Task “qemu-nbd”: 11445 is blocked for more than 368 seconds. Not tainted...

Linux Distros Unpatched Vulnerability : CVE-2026-45953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still...

CVE-2026-45953 md/raid5: fix IO hang with degraded array with llbitmap

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...

CVE-2026-45953

CVE-2026-45953 affects the Linux kernel’s MD RAID5 subsystem. The root cause is a missing check in need_this_block() when an llbitmap bit is unwritten in a degraded array, which can cause stripe handling to deadlock and trigger an I/O hang (DoS-like impact). Public sources describe the issue and ...

CVE-2026-45953

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...

PT-2026-43820

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the md/raid5 component where a degraded array using llbitmap can experience an IO hang. When the llbitmap bit state remains unwritten, new writes should force a...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the issue where “r10bio-remaining” was leaked for recovery purposes. raid10syncrequest will add “r10bio-remaining” for both rdev and replacement rdev. However, if the read I/O fails, recoveryrequestwrite returns...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013810)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013810 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011326)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011326 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992223)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992223 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio-remaining' for recovery raid10syncrequest will add...

CVE-2022-50636

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for VFs because it reads the Vendor and Device ID, which are 0xffff for VFs, which looks like they aren't present. Check the PF instead...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988962)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988962 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, qemu-nbd triggers a io hung: INFO: task...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990169 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, qemu-nbd triggers a io hung: INFO: task...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989701 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, qemu-nbd triggers a io hung: INFO: task...

DEBIAN-CVE-2023-53299

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio-remaining' for recovery raid10syncrequest will add 'r10bio-remaining' for both rdev and replacement rdev. However, if the read io fails, recoveryrequestwrite returns without issuing the write io, in...

PT-2025-37904

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s md/raid10 subsystem related to a leak of r10bio-remaining during recovery operations. Specifically, the raid10 sync request function adds...

SUSE CVE-2022-49297

In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for more than 368 seconds. Not tainted 5.18.0-rc3-next-20220422-00003-g2176915513ca 884 "echo 0...

DEBIAN-CVE-2022-49297

In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for more than 368 seconds. Not tainted 5.18.0-rc3-next-20220422-00003-g2176915513ca 884 "echo 0...

UBUNTU-CVE-2022-49297

In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for more than 368 seconds. Not tainted 5.18.0-rc3-next-20220422-00003-g2176915513ca 884 "echo 0...

CVE-2022-49394

In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatency configured for th...