77 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: lib/groupcpus: Fixed the issue of NULL pointer dereferencing in groupcpusevenly. While testing nullblk with configfs, the command echo 0 pollqueues would trigger the following panic: BUG: NULL pointer dereferencing in the kernel,...
Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nullblk: fixed handling of poll request timeouts When performing the iouring benchmark on /dev/nullb0, it’s easy for the kernel to crash if poll requests time out, as reported by David. 1 BUG: Kernel NULL pointer dereferencing...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a memory leak in blkmqinitallocatedqueue. There is a memory leak caused by modprobe nullblk.ko. Unreferenced object 0xffff8881acb1f000 size 1024: - Command: “modprobe”, PID: 836, Jiffies: 4294971190 Age: 27.068...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nullblk: Always check the queue mode setting from configfs. Make sure to check the device queue mode in the nullvalidateconf function, and return an error for NULLQRQ since we do not allow legacy I/O paths. Without this patch, we...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: be a bit more careful in checking for NULL bdev while polling Wei reports a crash with an application using polled IO: PGD 14265e067 P4D 14265e067 PUD 47ec50067 PMD 0 Oops: 0000 1 SMP CPU: 0 PID: 21915 Comm: iocore0 Kdump:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006584)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006584 advisory. In the Linux kernel, the following vulnerability has been resolved: nullblk: Always check queue mode setting from configfs Make sure to check device queue mode in th...
SUSE CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
UBUNTU-CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
The CVE-2026-23032 issue affects the Linux kernel null_blk driver when CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled. Fault-injection configfs items (timeout_inject, requeue_inject, init_hctx_fault_inject) are created as children of the top-level nullbX group, but references to these items a...
EUVD-2026-5062
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032 null_blk: fix kmemleak by releasing references to fault configfs items
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032 null_blk: fix kmemleak by releasing references to fault configfs items
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005006)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005006 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oombfqq Our test report a UAF: 2073.019181...
Azure Linux 3.0 Security Update: kernel (CVE-2024-36478)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36478 advisory. - In the Linux kernel, the following vulnerability has been resolved: nullblk: fix null-ptr-dereference while...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002535 advisory. An issue was discovered in fs/xfs/libxfs/xfsattrleaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfsdashrinkinode is call...