Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restricted kiocbsetcancelfn to I/O submitted via libaio. If kiocbsetcancelfn is called for I/O submitted via iouring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocbsetcancelfn+0x9c/0x...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005440)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005440 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument...

kernel: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU

A use-after-free flaw was found in iouring/msgring in the Linux Kernel. In this flaw iokiocb freeing is deferred for RCU which can lead to a kernel information leak problem...

kernel: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU

A use-after-free flaw was found in iouring/msgring in the Linux Kernel. In this flaw iokiocb freeing is deferred for RCU which can lead to a kernel information leak problem...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991280)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991280 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument...

EUVD-2025-203786

In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...

PT-2025-51698

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s io uring/net functionality. Specifically, the import process for vectored registered buffers incorrectly uses 'req' instead of the correct io kiocb,...

Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070051 fixes several issues. The following security issues were fixed: CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg bsc1248631. CVE-2025-38511: drm/xe/pf: Clear all LMTT pages on alloc bsc1248176. CVE-2025-38617: net/packet: fix...

EUVD-2024-51827

Malicious code in bioql PyPI...

EUVD-2022-34275

Malicious code in bioql PyPI...

CVE-2025-39698 io_uring/futex: ensure io_futex_wait() cleans up properly on failure

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...

Linux Distros Unpatched Vulnerability : CVE-2022-29968

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private. CVE-2022-29968 Note that Nessus...

UBUNTU-CVE-2025-38453

In the Linux kernel, the following vulnerability has been resolved: iouring/msgring: ensure iokiocb freeing is deferred for RCU syzbot reports that defer/local taskwork adding via msgring can hit a request that has been freed: CPU: 1 UID: 0 PID: 19356 Comm: iou-wrk-19354 Not tainted...

CLSA-2024-1718973513 Fix of 21 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26777 - fbdev: sis: Error out if pixclock equals zero CVE-url: https://ubuntu.com/security/CVE-2021-47542 - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic83xxaddrings CVE-url: https://ubuntu.com/security/CVE-2021-47518 - nfc: fix...

DEBIAN-CVE-2024-35815

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument may point at a struct kiocb that is not embedded inside struct aiokiocb. With the current code, depending on the compiler, the...

UBUNTU-CVE-2024-35815

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument may point at a struct kiocb that is not embedded inside struct aiokiocb. With the current code, depending on the compiler, the...

SUSE CVE-2024-26764

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocbsetcancelfn to I/O submitted via libaio If kiocbsetcancelfn is called for I/O submitted via iouring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocbsetcancelfn+0x9c/0xa8...

SUSE CVE-2022-29968

An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private...

An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private.

...

AZL-9596 CVE-2022-29968 affecting package kernel for versions less than 5.15.37.1-2

An issue was discovered in the Linux kernel through 5.17.5. iorwinitfile in fs/iouring.c lacks initialization of kiocb-private...