Astra Linux – Vulnerability in Linux

In the rbd block device driver located in drivers/block/rbd.c within the Linux kernel, up to version 5.8.9, incomplete permission checks were used for accessing rbd devices. This could have been exploited by local attackers to map or unmap rbd block devices, specifically the CID-f44d04e696fe devi...

rbd: fix null-ptr-deref when device_add_disk() fails

...

CVE-2026-46079

A flaw was found in the Linux kernel's Rados Block Device rbd module. When adding a new block device, a double teardown of resources can occur if the disk addition process fails. This can lead to a null-pointer dereference during cleanup operations, allowing a local attacker to cause a system...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...

EUVD-2015-5170

Malware in sbrugna...

EUVD-2023-59954

Malicious code in bioql PyPI...

CVE-2023-53307

In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...

DEBIAN-CVE-2023-53307

In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...

CVE-2023-53307

In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...

CVE-2023-53307 rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails

In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in dorbdadd when rbddevcreate fails If getting an ID or setting up a work queue in rbddevcreate fails, use-after-free on rbddev-rbdclient, rbddev-spec and rbddev-opts is triggered in dorbdadd. The root...

PT-2025-38025

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free issue in the do rbd add function when rbd dev create fails. This occurs when ownership of structures like rbd dev-rbd client, rbd dev-spec, a...

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.3 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS ba...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS bas...

SUSE CVE-2015-5160

libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device aka RBD, which allows local users to obtain sensitive information via a process listing...

kernel: incomplete permission checking for access to rbd devices

A flaw was found in the capabilities check of the rados block device functionality in the Linux kernel. Incorrect capability checks could alllow a local user with root priviledges but no capabilities to add or remove Rados Block Devices from the system...

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4752-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4752-1 advisory. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure- connections pairing authentication in the...

USN-4752-1: Linux kernel (OEM) vulnerabilities

Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...

USN-4752-1 linux-oem-5.6 vulnerabilities

Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proxima...

USN-4660-2: Linux kernel regression | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4660-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression in the software raid10 driver when used with fstrim that could lead to data corruption. This updat...