77 matches found
Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: lib/groupcpus: Fixed a NULL pointer dereferencing issue in groupcpusevenly. While testing nullblk with configfs, executing echo 0 pollqueues would trigger the following panic: BUG: NULL pointer dereferencing in the kernel, addres...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block: be a bit more careful in checking for NULL bdev while polling Wei reports a crash with an application using polled IO: PGD 14265e067 P4D 14265e067 PUD 47ec50067 PMD 0 Oops: 0000 1 SMP CPU: 0 PID: 21915 Comm: iocore0 Kdump:...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while configuring 'power' and 'submitqueues' Writing 'power' and 'submitqueues' concurrently will trigger kernel panic: Test script: modprobe nullblk nrdevices=0 mkdir -p...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a memory leak in blkmqinitallocatedqueue. There is a memory leak caused by modprobe nullblk.ko. Unreferenced object 0xffff8881acb1f000 size 1024: - Command: “modprobe”, PID: 836, Jiffies: 4294971190 Age: 27.068...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nullblk: Always check queue mode setting from configfs Make sure to check device queue mode in the nullvalidateconf and return error for NULLQRQ as we don't allow legacy I/O path, without this patch we get OOPs when queue mode is...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix validation of block size Block size should be between 512 and PAGESIZE and be a power of 2. The current check does not validate this, so update the check. Without this patch, nullblk would Oops due to a null pointer...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nullblk: fixed handling of poll request timeouts When performing the iouring benchmark on /dev/nullb0, it’s easy for the kernel to crash if poll requests time out, as reported by David. 1 BUG: Kernel NULL pointer dereferencing...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006584)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006584 advisory. In the Linux kernel, the following vulnerability has been resolved: nullblk: Always check queue mode setting from configfs Make sure to check device queue mode in th...
SUSE CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
UBUNTU-CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
EUVD-2026-5062
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
The CVE-2026-23032 issue affects the Linux kernel null_blk driver when CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled. Fault-injection configfs items (timeout_inject, requeue_inject, init_hctx_fault_inject) are created as children of the top-level nullbX group, but references to these items a...
CVE-2026-23032 null_blk: fix kmemleak by releasing references to fault configfs items
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032 null_blk: fix kmemleak by releasing references to fault configfs items
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005006)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005006 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq Our test report a UAF: 2073.019181...