Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the memory leak related to ‘conf-biosplit’. In the error path of raid10run, ‘conf’ needs to be freed. However, ‘conf-biosplit’ is not freed, resulting in a memory leak. Since there are three places where ‘conf’...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: md: Avoid repeated calls to delgendisk. There is a UAF Uninitialized Address Fault issue that was detected during case 23rdev-lifetime. Oops: General Protection Fault; likely due to a non-canonical address of 0xdead000000000122...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the incorrect setting of maxcorrreaderrors. There is no input validation when using the echo md/maxreaderrors command, and an overflow might occur. Add validation for the input number...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not use btrfssetitemkeysafe on RAID stripe-extents. Do not use btrfssetitemkeysafe to modify the keys in the RAID stripe-tree, as this can lead to corruption of the tree, which is caught by the checks in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: md: raid1: fixed a potential out-of-bounds error in raid1removedisk. If rddev-raiddisk is greater than mddev-raiddisks, an out-of-bounds error will occur in raid1removedisk. We have already encountered similar reports, as...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drivers:md: fix a potential use-after-free bug At line 2884, the statement "raid5releasestripesh;" removes the reference to sh, which may cause sh to be released. However, sh is later used in line 2886, where it appears in the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dm raid: fixed the KASAN warning in raid5adddisks. There is a KASAN warning in raid5adddisk when running the LVM testsuite. The warning occurs during the test lvconvert-raid-reshape-lineartoraid6-single-type.sh. We fixed this...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: md/raid0, raid10: Do not set discard sectors for the request queue. It should use diskstacklimits to determine the appropriate maxdiscardsectors instead of setting the value using stack drivers. There is also a bug. If all...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: added handling for RAID1C23/DUP to btrfsreduceallocprofile Callers of btrfsreduceallocprofile expect it to return exactly one allocation profile flag. If this is not done, it may ultimately result in a WARNON and remount-r...

AMD RAID Driver Security Update

AMD has informed HP of a potential security vulnerability in the AMD RAID Driver, which might allow escalation of privilege and arbitrary code execution. AMD is releasing driver updates to mitigate the potential vulnerability. AMD has released updates to mitigate the potential vulnerability. HP h...

CVE-2024-21962

Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution...

md/raid10: fix divide-by-zero in setup_geo() with zero far_copies

...

SUSE CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

Linux Distros Unpatched Vulnerability : CVE-2026-46161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without...

CVE-2026-46161

A flaw was found in the Linux kernel's md/raid10 module. This vulnerability allows a local user to trigger a divide-by-zero error within the setupgeo function by supplying a malformed layout parameter where the farcopies value is set to zero. Successful exploitation of this flaw can lead to a...

CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

UBUNTU-CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

CVE-2026-46161

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...

CVE-2026-46161

CVE-2026-46161 affects the Linux kernel md/raid10 code: setup_geo() may divide by zero when fc (far copies) is 0, since it derives geo->far_set_size from disks/fc without validating zero. The fix validates nc and fc after extraction and returns -1 if either is zero. Connected OSV entries show ...

EUVD-2026-32788

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...