Astra Linux - уязвимость в linux

An integer overflow or wrap-around vulnerability in the iouring module of the Linux kernel allows a local attacker to cause memory corruption and escalate privileges to root. This issue affects Linux Kernel versions prior to 5.4.189, as well as version 5.4.24 and later versions...

AlmaLinux 10 : kernel (ALSA-2026:4012)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4012 advisory. kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel iouring: Local privileg...

kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service via use-after-free

A flaw was found in the Linux kernel's iouring subsystem. A local attacker with low privileges could exploit a use-after-free vulnerability when the sq-thread object is prematurely released while still being accessed by the iouringshowfdinfo function. This flaw could lead to privilege escalation,...

USN-8015-5: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003973 advisory. A flaw was found in the Linux kernels iouring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalat...

Linux Distros Unpatched Vulnerability : CVE-2023-0240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a logic error in iouring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the...

Linux Distros Unpatched Vulnerability : CVE-2021-20226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the iouring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the syst...

Linux Distros Unpatched Vulnerability : CVE-2022-1786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the Linux kernel's iouring subsystem in the way a user sets up a ring with IORINGSETUPIOPOLL with more than one task completi...

Linux Distros Unpatched Vulnerability : CVE-2023-2598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the fixed buffer registration code for iouring iosqebufferregister in iouring/rsrc.c in the Linux kernel that allows out-of-bounds access to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: abort file assignment prior to assigning creds We need to either restore creds properly if we fail on the file assignment, or just do the file assignment first instead. Let's do the latter as it's simpler, should make no...

SUSE CVE-2021-20226

A use-after-free flaw was found in the iouring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not...

USN-5682-1 linux-aws-5.4 vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

USN-5668-1 linux, linux-aws, linux-bluefield, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

DEBIAN-CVE-2022-1043

A flaw was found in the Linux kernel’s iouring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges...

DEBIAN-CVE-2022-2327

iouring use workflags to determine which identity need to grab from the calling process to make sure it is consistent with the calling process when executing IORINGOP. Some operations are missing some types, which can lead to incorrect reference counts which can then lead to a double free. We...

UBUNTU-CVE-2022-1116

Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions...

CVE-2021-20226

A use-after-free flaw was found in the iouring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not...