CVE-2023-54209

CVE-2023-54209 — In the Linux kernel, a leak of debugfs entries for blktrace could occur when a disk is closed after del_gendisk() if blktrace remained enabled via an ioctl opened before del_gendisk. The fix moves blktrace shutdown to disk_release() and relies on the reentrancy of blk_trace_remov...

CVE-2025-68348 block: fix memory leak in __blkdev_issue_zero_pages

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

CVE-2025-68348

CVE-2025-68348 : In the Linux kernel block layer, a memory leak in __blkdev_issue_zero_pages was fixed by moving the fatal signal check before bio_alloc(). If a fatal signal was pending and BLKDEV_ZERO_KILLABLE was set, the code could allocate a bio and then exit the loop without freeing it. The ...

SUSE CVE-2025-68218

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix lockdep WARN due to partition scan work Blktests test cases nvme/014, 057 and 058 fail occasionally due to a lockdep WARN. As reported in the Closes tag URL, the WARN indicates that a deadlock can happen due t...

SUSE CVE-2023-53269

In the Linux kernel, the following vulnerability has been resolved: block: ublk: make sure that block size is set correctly block size is one very key setting for block layer, and bad block size could panic kernel easily. Make sure that block size is set correctly. Meantime if ublkvalidateparams...

PT-2025-37874

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's block layer where an incorrect block size could cause a kernel panic. The issue stems from an improper setting of the block size, a critical parameter...

Linux Distros Unpatched Vulnerability : CVE-2020-29569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler...

CVE-2025-37978

CVE-2025-37978 : In the Linux kernel, a patch resolves an issue in block integrity handling where placing multiple protection information buffers in the same page could cause kernel oopses because set_page_dirty_lock() cannot be called from interrupt context. The fix drops the set_page_dirty_lock...

UBUNTU-CVE-2025-21817

In the Linux kernel, the following vulnerability has been resolved: block: mark GFPNOIO around sysfs -store sysfs -store is called with queue freezed, meantime we have several -store callbacksupdatenrrequests, wbt, scheduler to allocate memory with GFPKERNEL which may run into direct reclaim code...

CVE-2022-49694 block: disable the elevator int del_gendisk

In the Linux kernel, the following vulnerability has been resolved: block: disable the elevator int delgendisk The elevator is only used for file system requests, which are stopped in delgendisk. Move disabling the elevator and freeing the scheduler tags to the end of delgendisk instead of doing...

CVE-2024-53689

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

kernel: block: fix module reference leakage from bdev_open_by_dev error path

In the Linux kernel, the following vulnerability has been resolved: block: fix module reference leakage from bdevopenbydev error path The Linux kernel CVE team has assigned CVE-2024-35859 to this issue. Upstream advisory:...

kernel: block: prevent division by zero in blk_rq_stat_sum()

In the Linux kernel, the following vulnerability has been resolved: block: prevent division by zero in blkrqstatsum The Linux kernel CVE team has assigned CVE-2024-35925 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051914-CVE-2024-35925-fa17@gregkh/T...

CVE-2023-31082

An issue was discovered in drivers/tty/ngsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmldwrite, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability...

DEBIAN-CVE-2023-31082

An issue was discovered in drivers/tty/ngsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmldwrite, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability...

UBUNTU-CVE-2023-31082

An issue was discovered in drivers/tty/ngsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmldwrite, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability...

Code injection

An issue was discovered in drivers/tty/ngsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmldwrite, which will block the kernel...

kernel: block: CLONE_IO io_context refcounting issues

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONEIO feature, which allows local users to cause a denial of service I/O instability by starting multiple processes that share an I/O context...