CVE-2024-53166

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfqlimitdepth Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd-lock, however bfqlimitdepth is deferencing bfqq from bic without the lock, this can lead to UAF if t...

CVE-2024-53166

The CVE-2024-53166 entry concerns a Linux kernel bfq UAF in block/bfq. Root cause: bfq_limit_depth() dereferences bfqq loaded from bic without holding bfqd->lock, enabling a use-after-free when io_context is shared by multiple tasks (e.g., io_uring). Astra Linux security bulletin confirms a fi...

CVE-2024-53166 block, bfq: fix bfqq uaf in bfq_limit_depth()

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfqlimitdepth Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd-lock, however bfqlimitdepth is deferencing bfqq from bic without the lock, this can lead to UAF if t...

Oracle Linux 6 : kernel (ELSA-2012-0481)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0481 advisory. - Revert: fs NFSv4: include bitmap in nfsv4 get acl data Sachin Prabhu 753231 753232 CVE-2011-4131 - kernel regset: Return -EFAULT, not -EIO, on...

RHEL 6 : kernel (RHSA-2012:0481)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0481 advisory. - kernel: sysctl: restrict write access to dmesgrestrict CVE-2011-4080 - kernel: block: CLONEIO iocontext refcounting issues CVE-2012-0879 -...

kernel security, bug fix, and enhancement update

2.6.32-220.13.1.el6 - Revert: fs NFSv4: include bitmap in nfsv4 get acl data Sachin Prabhu 753231 753232 CVE-2011-4131 2.6.32-220.12.1.el6 - net netsched: qdiscallochandle can be too slow Jiri Pirko 805458 785891 - fs procfs: add hidepid= and gid= mount options Jerome Marchand 770651 770652 - fs...