89 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed a null pointer dereference in blkmqclearrqmapping. Our syzkaller report identified a null pointer dereference. The root cause is as follows: - blkmqallocmapandrqs: set-tagshctxidx = blkmqallocmapandrqs. -...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: The crypto keyslot should be released before reporting I/O completion. Once all I/O using the blkcryptokey is completed, the file systems can call blkcryptoevictkey. However, the block layer currently does not call...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed an issue where IO operations could hang due to a race condition involving the sbitmap wakeup mechanism. In blkmqmarktagwait, addwaitqueue might be re-ordered. In addition, blkmqgetdrivertag might fail if the driver...
CVE-2026-43471
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...
PT-2026-39109
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the nvme poll irqdisable function. A device can be disabled by nvme dev disable called via nvme reset work between the time an IRQ is disabled and when it is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Do not touch -tagset in blkmqgetsqhctx. The function blkmqrunhwqueues may be called when there are no requests queued, and after the queue is cleaned up, -tagset is freed. This is because the lifetime of -tagset is manage...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013671)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013671 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: use quiesced elevator switch when reinitializing queues The hctx's runwork may be racing...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010911)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010911 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cakeinit fails When the default qdisc is cak...
kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix NULL dereference on q-elevator in blkmqelvswitchnone CVE-2023-53292 In the Linux kernel, the following vulnerability has been resolved: block: fix race between setblocksize and read paths CVE-2025-3807...
UBUNTU-CVE-2025-68756
In the Linux kernel, the following vulnerability has been resolved: block: Use RCU in blkmqunquiescetagset instead of set-taglistlock blkmqadd,delqueuetagset functions add and remove queues from tagset, the functions make sure that tagset and queues are marked as shared when two or more queues ar...
CVE-2023-54227
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...
UBUNTU-CVE-2023-54227
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...
CVE-2023-54227
CVE-2023-54227 concerns the Linux kernel. It fixes a leak in blk-mq tags when shrinking nr_hw_queues: although the tags array is not reallocated, the existing tags must be freed to avoid leaks. Reproduction involves using configfs with a null_blk device, creating a poll queue and submitting 8 que...
CVE-2023-54227
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...
CVE-2025-68224
...
CVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsihostbusy Commit 995412e23bb2 "blk-mq: Replace tags-lock with SRCU for tag iterators" introduced the following regression: Call trace: srcureadlock+0x30/0x80 P...
Linux Distros Unpatched Vulnerability : CVE-2023-53760
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: mcq: Fix &hwq-cqlock deadlock issue When ufshcderrhandler is executed, CQ event interrupt can enter waiting for the same lock. This can happen...
CVE-2025-40146
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nrrequests grown Allocate and free schedtags while queue is freezed can deadlock1, this is a long term problem, hence allocate memory before freezing queue and free memory after queue is...