14 matches found
SUSE CVE-2026-23113
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...
CVE-2026-23113
A flaw was found in the Linux kernel's iouring subsystem. When io-wq worker threads process extremely long-running I/O operations such as large reads from /dev/msr devices, the exit path may be delayed for an extended period because the IOWQBITEXIT flag is only checked before the work loop begins...
UBUNTU-CVE-2026-23113
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...
CVE-2026-23113
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...
CVE-2026-23113 io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...
CVE-2026-23113 io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...
Linux Distros Unpatched Vulnerability : CVE-2026-23113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items eith...
PT-2026-8106
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the io uring/io-wq subsystem. Specifically, processing a large number of 2GB - 4096B reads from a /dev/msr file using loop rw iter can take an...
kernel: smb: client: fix UAF in async decryption
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. Reproducer: mount.cifs -o ...,seal,esize=1 //srv/share /mnt dd if=/mnt/largefile...
DEBIAN-CVE-2024-50047
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. Reproducer: mount.cifs -o ...,seal,esize=1 //srv/share /mnt dd if=/mnt/largefile...
AZL-50936 CVE-2024-50047 affecting package kernel for versions less than 6.6.57.1-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption large read crashes with a slab-use-after-free way down in the crypto API. Reproducer: mount.cifs -o ...,seal,esize=1 //srv/share /mnt dd if=/mnt/largefile...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing allocation check in sftp server processing read requests. A malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which is not being checked for failure. For...
CVE-2023-3603
A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticat...
SUSE CVE-2023-3603
A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticat...