CVE-2023-54227 blk-mq: fix tags leak when shrink nr_hw_queues

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...

CVE-2023-54223

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2023-54223 net/mlx5e: xsk: Fix invalid buffer access for legacy rq

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2023-54223

CVE-2023-54223: In the Linux kernel mlx5 net/xsk legacy-rq path, a buffer could be released twice (in XDP_REDIRECT and then by the driver) due to switching from a skip-release flag to fragment-counts. The fix adds a guard flag to avoid driver-side release, preventing a use-after-free/general-prot...

CVE-2023-54223 net/mlx5e: xsk: Fix invalid buffer access for legacy rq

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

CVE-2022-50838

CVE-2022-50838 concerns a Linux kernel issue in net: stream where the socket error queue (sk_error_queue) was not purged on socket close, enabling TCP socket leaks and potential memory exhaustion. The root cause involves TX timestamping and error queue handling: when SOF_TIMESTAMPING_TX_ACK is en...

CVE-2022-50838 net: stream: purge sk_error_queue in sk_stream_kill_queues()

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

CVE-2022-50838 net: stream: purge sk_error_queue in sk_stream_kill_queues()

In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, with a nice repro. It seems we leak TCP sockets with the following sequence: 1 SOFTIMESTAMPINGTXACK is enabled on the socket. Each ACK...

CVE-2022-50833

CVE-2022-50833 relates to the Linux kernel Bluetooth HCI work queue handling. The issue arose when scheduling hdev->{cmd,ncmd}_timer work on the hdev->workqueue during a draining WQ, which could conflict with a destruction-during-queue state. The mitigation involves using the hdev->workq...

CVE-2023-54201 RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

CVE-2023-54201 RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...

CVE-2023-54191 wifi: mt76: mt7996: fix memory leak in mt7996_mcu_exit

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix memory leak in mt7996mcuexit Always purge mcu skb queues in mt7996mcuexit routine even if mt7996firmwarestate fails...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992427)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992427 advisory. In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFAC...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of null cpumask when setting virtual queue affinities, which could lead to null pointer dereferences...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a work queue that has a post-release reuse issue that could lead to memory corruption...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992612 advisory. In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992222)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992222 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If getnumsdmaqueues or getnumxgmisdmaqueues is ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992311)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992311 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: Fix hung when signal interrupts nbdstartdeviceioctl syzbot reported hung task 1. The followi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to refresh the work queue when removing a custom query handler, which could lead to a kernel panic...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mcuexit function of mt7996 not clearing the skb queue, which could lead to a memory leak...