17 matches found
CVE-2026-52933
CVE-2026-52933 affects the Linux kernel’s io_uring/poll path. The vulnerability stems from a signed comparison in io_poll_get_ownership(): it compares an atomic_read(&req->poll_refs) against IO_POLL_REF_BIAS using signed arithmetic. If the IO_POLL_CANCEL_FLAG (BIT(31)) is set, the read value b...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Block layer: The feature of freezing the request queue from within sysfs store callbacks has been removed. Freezing the request queue may cause a deadlock when combined with the dm-multipath driver and the queueifnopath option...
CVE-2025-71149
...
CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
UBUNTU-CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117 block: Remove queue freezing from several sysfs store callbacks
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986662)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986662 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL:...
CVE-2023-53366
CVE-2023-53366 (Linux kernel)修正了在轮询时未正确检查 bio->bi_bdev 是否为 NULL 的漏洞,根本原因是在两任务共用轮询队列时,任务 B 可能在任务 A 仍在轮询时将 IO 重新分配给 bio,导致崩溃(kernel oops)。影响点在块层的 bio_poll/io_do_iopoll/io_uring_enter 路径,已通过内核修复在对 NULL bdev 的检查中加强保护。CVSSv3.1 向量为 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,基线分数 5.5(中等),局部可利用且无需用户交互,影响的为可用...
PT-2026-2878
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's block layer related to request queue freezing within sysfs store callbacks. Freezing the request queue during these callbacks can lead to a deadlock...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an IOPOLL lock overflow issue in the iouring component...
USN-6194-1 linux-oem-6.1 vulnerabilities
Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 Xingyuan Mo and Gengjia Chen...
OESA-2023-1038 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: A use-after-free flaw was found in the Linux kernel?s SGI GRU driver in the way the first grufileunlockedioctl function is called by the user, where a fail pass occurs in the grucheckchipletassignment function. This flaw allows a...
CVE-2022-1786
A use-after-free flaw was found in the Linux kernel’s iouring subsystem in the way a user sets up a ring with IORINGSETUPIOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system...
DEBIAN-CVE-2019-10125
An issue was discovered in aiopoll in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aiopollwake if an expected event is triggered immediately e.g., by the close of a pair of pipes after the return of vfspoll, and this will cause a use-after-free...