Astra Linux – Vulnerability in Linux, Linux 5.10

In mmcblkreadsingle of block.c, there is a way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card triggers errors, without requiring additional execution privileges. User interaction is not required for exploitation...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001704 advisory. In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414475 advisory. In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if...

SUSE CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

The vulnerability of the mmc_blk_read_single function in the block.c component of the Linux operating system allows a hacker to gain access to confidential data.

The vulnerability of the mmcblkreadsingle function in the block.c component of the Linux operating system’s kernel is related to the use of an uninitialized resource. Exploiting this vulnerability allows an attacker to access confidential data...

DEBIAN-CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

CVE-2018-18318

The /dev/block/mmcblk0rpmb driver kernel module on Qiku 360 Phone N6 Pro 1801-A01 devices allows attackers to cause a denial of service NULL pointer dereference and device crash via a crafted 0xc0d8b300 ioctl call...

Design/Logic Flaw

drivers/mmc/card/mmcblocktest.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479...

UBUNTU-CVE-2014-9878

drivers/mmc/card/mmcblocktest.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479...