86 matches found
CVE-2026-43471
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...
PT-2026-39109
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the nvme poll irqdisable function. A device can be disabled by nvme dev disable called via nvme reset work between the time an IRQ is disabled and when it is...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed an issue where IO operations could hang due to a race condition involving the sbitmap wakeup mechanism. In blkmqmarktagwait, addwaitqueue might be re-ordered. In the case of a failure in obtaining the driver tag,...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: The crypto keyslot should be released before reporting I/O completion. Once all I/O using the blkcryptokey is completed, the file systems can call blkcryptoevictkey. However, the block layer currently does not call...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: blk-mq: don't touch -tagset in blkmqgetsqhctx blkmqrunhwqueues could be run when there isn't queued request and after queue is cleaned up, at that time tagset is freed, because tagset lifetime is covered by driver, and often free...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed a null pointer dereference in blkmqclearrqmapping. Our syzkaller report identified a null pointer dereference. The root cause is as follows: - blkmqallocmapandrqs: set-tagshctxidx = blkmqallocmapandrqs. -...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013671)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013671 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: use quiesced elevator switch when reinitializing queues The hctx's runwork may be racing...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010911)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010911 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cakeinit fails When the default qdisc is cak...
kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q-elevator in blkmqelvswitchnone CVE-2023-53292 In the Linux kernel, the following vulnerability has been resolved: block: fix race between setblocksize and read paths CVE-2025-3807...
UBUNTU-CVE-2025-68756
In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...
UBUNTU-CVE-2023-54227
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...
CVE-2023-54227
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...
CVE-2023-54227
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...
CVE-2023-54227
CVE-2023-54227 concerns the Linux kernel. It fixes a leak in blk-mq tags when shrinking nr_hw_queues: although the tags array is not reallocated, the existing tags must be freed to avoid leaks. Reproduction involves using configfs with a null_blk device, creating a poll queue and submitting 8 que...
CVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsihostbusy Commit 995412e23bb2 "blk-mq: Replace tags-lock with SRCU for tag iterators" introduced the following regression: Call trace: srcureadlock+0x30/0x80 P...
CVE-2025-68224
...
Linux Distros Unpatched Vulnerability : CVE-2023-53760
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: mcq: Fix &hwq-cqlock deadlock issue When ufshcderrhandler is executed, CQ event interrupt can enter waiting for the same lock. This can happen...
CVE-2025-40146
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nrrequests grown Allocate and free schedtags while queue is freezed can deadlock1, this is a long term problem, hence allocate memory before freezing queue and free memory after queue is...