Lucene search
K

1685 matches found

RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.10 views

kernel: Linux kernel: md/raid10 soft lockup due to unlimited plugged bio

A flaw was found in the Linux kernel's Multiple Device MD driver, specifically within the RAID10 implementation. This vulnerability allows a local user to trigger a soft lockup, leading to a Denial of Service DoS. The issue arises because the md/raid10 component lacks a limit on plugged bio block...

5.5CVSS6.2AI score0.00112EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.3 views

kernel: md: don't dereference mddev after export_rdev()

A use-after-free vulnerability was found in the Linux kernel multiple device RAID subsystem's device lifetime management. A local user with privileges to manage MD arrays can trigger concurrent device addition and removal operations via sysfs, causing a race condition where the mddev structure is...

5.5CVSS7.2AI score0.00119EPSS
Exploits0References5
OSV
OSV
added 2024/04/22 1:7 p.m.5 views

CLSA-2024-1713791231 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2021-46925 - net/smc: get rid of txpend waits in socket closing - net/smc: fix kernel panic caused by race of smcsock CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url:...

7.8CVSS7AI score0.0094EPSS
Exploits0References1
OSV
OSV
added 2024/04/22 1:4 p.m.4 views

CLSA-2024-1713791075 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix...

7.8CVSS6.9AI score0.0094EPSS
Exploits0References1
OSV
OSV
added 2024/04/22 1:0 p.m.6 views

CLSA-2024-1713790844 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix...

7.8CVSS6.9AI score0.0094EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/04/19 2:18 a.m.2 views

SUSE CVE-2024-26899

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References10
NVD
NVD
added 2024/04/17 11:15 a.m.16 views

CVE-2024-26899

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

5.5CVSS6.1AI score0.0021EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/17 10:27 a.m.15 views

CVE-2024-26899 block: fix deadlock between bd_link_disk_holder and partition scan

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

5.5AI score0.0021EPSS
Exploits0References3
CVE
CVE
added 2024/04/17 10:27 a.m.181 views

CVE-2024-26899

CVE-2024-26899 — Linux kernel deadlock fix details : Affected component is the block layer in the Linux kernel. The issue arises when bd_link_disk_holder() uses the global open_mutex to guard the creation of a symlink between a holding disk and a slave bdev during driver initialization/modificati...

5.5CVSS6.4AI score0.0021EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/17 10:27 a.m.18 views

CVE-2024-26899 block: fix deadlock between bd_link_disk_holder and partition scan

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between bdlinkdiskholder and partition scan 'openmutex' of gendisk is used to protect open/close block devices. But in bdlinkdiskholder, it is used to protect the creation of symlink between holding disk and...

6.6AI score0.0021EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/04/15 12:0 a.m.4 views

The vulnerability of the implementation of RAID arrays based on Intel VROC chips stems from access control deficiencies, allowing attackers to enhance their privileges.

The vulnerability of the implementation of RAID arrays based on Intel VROC chips is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS6.6AI score0.00167EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/12 12:0 a.m.5 views

The vulnerability of the implementation of RAID arrays based on Intel VROC chips arises from the improper use of standard resolutions. This allows a hacker to increase their privileges.

The vulnerability of the implementation of RAID arrays based on Intel VROC chips is related to the improper use of standard resolutions. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS6.6AI score0.00167EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/12 12:0 a.m.5 views

The vulnerability of the implementation of RAID arrays based on Intel VROC chips lies in the uncontrolled search element, which allows a hacker to increase their privileges.

The vulnerability of the implementation of RAID arrays based on Intel VROC chips is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

6.7CVSS6.6AI score0.00197EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2024/04/10 2:16 a.m.5 views

SUSE CVE-2024-26756

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

5.5CVSS6.8AI score0.00209EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/04/10 2:16 a.m.6 views

SUSE CVE-2024-26757

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

5.5CVSS7AI score0.00209EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/04/04 1:2 a.m.25 views

CVE-2024-26756

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

4.4CVSS7.1AI score0.00209EPSS
Exploits0References4
NVD
NVD
added 2024/04/03 5:15 p.m.16 views

CVE-2024-26757

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in mdcheckrecovery Usually if the array is not read-write, mdcheckrecovery won't register new syncthread in the first place. And if the array is read-write and syncthread is registered,...

5.5CVSS6.5AI score0.00209EPSS
Exploits0References2
OSV
OSV
added 2024/04/03 5:15 p.m.13 views

AZL-58753 CVE-2024-26756 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

5.5CVSS5.7AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2024/04/03 5:15 p.m.1 views

DEBIAN-CVE-2024-26756

In the Linux kernel, the following vulnerability has been resolved: md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from pers-run, in this case 'MDRECOVERYRUNNING' is set directly, however, there ...

5.5CVSS4.9AI score0.00209EPSS
Exploits0References1
NVD
NVD
added 2024/04/03 5:15 p.m.15 views

CVE-2024-26758

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...

5.5CVSS6.3AI score0.00212EPSS
Exploits0References2
Rows per page
Query Builder