CVE-2025-68373 md: avoid repeated calls to del_gendisk

In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...

SUSE CVE-2023-53791

In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990484 advisory. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-rai...

AZL-76641 CVE-2023-53620 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in statusresync statusresync will calculate 'currresync - recoveryactive' to show user a progress bar like following: ============........ resync = 61.4% 'currresync' and 'recoveryactive' is updated in mddosyn...

CVE-2023-53665 md: don't dereference mddev after export_rdev()

In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after exportrdev Except for initial reference, mddev-kobject is referenced by rdev-kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence mddev should not be use...

CVE-2025-38621

The CVE-2025-38621 issue affects the Linux kernel md subsystem, where md_spares_need_change could call rdev_addable() while under RCU, potentially dereferencing an rdev.mddev that is NULL after release, causing a NULL pointer dereference and a panic. The published description notes the fix is to ...

CVE-2025-38621 md: make rdev_addable usable for rcu mode

In the Linux kernel, the following vulnerability has been resolved: md: make rdevaddable usable for rcu mode Our testcase trigger panic: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...

CVE-2025-38621 md: make rdev_addable usable for rcu mode

In the Linux kernel, the following vulnerability has been resolved: md: make rdevaddable usable for rcu mode Our testcase trigger panic: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...

Linux Distros Unpatched Vulnerability : CVE-2022-49400

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: md: Don't set mddev private to NULL in raid0 pers-free In normal stop process, it does like...

UBUNTU-CVE-2024-27023

In the Linux kernel, the following vulnerability has been resolved: md: Fix missing release of 'activeio' for flush submitflushes atomicset&mddev-flushpending, 1; rdevforeachrcurdev, mddev atomicinc&mddev-flushpending; bi-biendio = mdendflush submitbiobi; / flush io is done first / mdendflush if...

PT-2021-8013 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the async xor function in the Linux kernel, which can cause data corruption problems due to incorrect calculation of xor values when sharing one page if PAGE SI...

USN-2109-1: Linux kernel vulnerabilities

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw...

Syrian Electronic Army's own website got hacked by Turkish hacker

Oops.. Hackers got Hacked! The Syrian Electronic Army, who has hacked hundreds of High Profile targets in 2013-14, today they got hacked by a Turkish hacker. Turkguvenligi, a Turkish hacker told The Hacker News that he hacked and defaced the official website of the hacking group SEA sea.sy and...

kexec-tools security, bug fix, and enhancement update

2.0.0-209.0.1.el6 - Make sure '--allow-missing' is effective by adding to MKDUMPRDARGS in kdump.sysconfig, kdump.sysconfig.i386, and kdump.sysconfig.x8664 12590865 11678808 2.0.0-209 - Improve debugfs mounting code, from Dave Young. Resolve bug 748748. 2.0.0-208 - Search DUP firmware directory to...