26 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005508)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005508 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain 1 initial state, three tasks: Process ...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-47706)
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain In this case, IO from Process 1 will get bfqq2 from BIC1 first, and then get bfqq3 through merge chain, and finially handle IO by bfqq3. Howerver, current code will think...
SUSE CVE-2024-47706
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain 1 initial state, three tasks: Process 1 Process 2 Process 3 BIC1 BIC2 BIC3 | ^ | ^ | ^ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2 bfqq1 merged to bfqq...
SUSE-SU-2025:03186-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005580 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245505 CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579 CVE-2025-38001: netsched: hfsc: Address reentrant enqueue adding class to eltree...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: Fixed a potential UAF issue for bfqq-bic when using the merge chain. 1 Initial state: Three tasks: - Process 1 Process 2 Process 3 - BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | V | V | V bfqq1 bfqq2 bfqq3 Process referenc...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49854)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49854 advisory. - In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47706)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47706 advisory. - In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bi...
block bfq: fix possible UAF for bfqq->bic with merge chain
...
CVE-2024-49854
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...
CVE-2024-47706
A flaw was found in the Budget Fair Queueing BFQ I/O scheduler in the Linux kernel. Handling merged chains of BFQ queues can cause a use-after-free condition and result in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not...
SUSE CVE-2024-49854
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...
AZL-50829 CVE-2024-49854 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...
DEBIAN-CVE-2024-49854
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...
UBUNTU-CVE-2024-49854
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...
CVE-2024-49854 block, bfq: fix uaf for accessing waker_bfqq after splitting
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing wakerbfqq after splitting After commit 42c306ed7233 "block, bfq: don't break merge chain in bfqsplitbfqq", if the current procress is the last holder of bfqq, the bfqq can be freed after...
CVE-2024-47706
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain 1 initial state, three tasks: Process 1 Process 2 Process 3 BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2 bfqq1 merged to bfqq...
AZL-51234 CVE-2024-47706 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain 1 initial state, three tasks: Process 1 Process 2 Process 3 BIC1 BIC2 BIC3 | Λ | Λ | Λ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2 bfqq1 merged to bfqq...