CVE-2025-40134

The CVE-2025-40134 entry describes a race between suspend of a device-mapper (dm) device and table load, which can trigger a NULL pointer dereference in __dm_suspend() when suspend is invoked before table load completes. The provided details show a race where dm (dm_stop_queue/dm_suspend) may acc...

CVE-2025-40134

In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes: BUG...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between a dm device hang and a table load that could lead to a null pointer dereference...

OESA-2025-2632 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cacheshow The function cshow was called with protection from RCU. This only ensures that cp will not be freed...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988956)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988956 advisory. In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dmiodecpending calls endioacct first and wil...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: dm: dm-crypt: Do not partially accept write BIOs with zoned targets Read and write operations issued to a dm-crypt target may be split according to the dm-crypt internal limits defined by the maxreadsize and maxwritesize modul...

CVE-2025-60542

SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false...

Siemens SIMATIC Devices Operation on a Resource after Expiration or Release (CVE-2024-57929)

In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dmarraycursorend When dmbmreadlock fails due to locking or checksum errors, it releases the faulty block implicitly while leaving an invalid output pointer behind. The caller ...

Linux Distros Unpatched Vulnerability : CVE-2022-50563

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in...

EUVD-2023-60004

In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633adcasyncread req is allocated in pcf50633adcasyncread, but adcenqueuerequest could fail to insert the req into queue. We need to check the return value and free it in the case o...

EUVD-2022-55658

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

CVE-2022-50563

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

UBUNTU-CVE-2022-50563

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

CVE-2022-50563 dm thin: Fix UAF in run_timer_softirq()

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

CVE-2022-50563

CVE-2022-50563 (Linux kernel) describes a use-after-free in the dm thin subsystem when concurrent dm_resume() and dm_destroy() trigger run_timer_softirq(). The root cause is that dm_resume() can re-arm a timer after dm_destroy() has not cancelled it due to suspend status, leading to the timer fir...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the concurrent execution of dmresume and dmdestroy, which could lead to memory...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987611)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987611 advisory. In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tagsize is less than digest size It is possible to set u...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987624 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

Linux Distros Unpatched Vulnerability : CVE-2022-50534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm thin: Use last transaction's pmd-root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata:...

SUSE CVE-2022-50534

In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd-root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung tasks CPU: 7 PID: 26692...