Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a KASAN warning for raid5adddisks in dm raid...

Vulnerability of components of Linux operating system’s kernel-related md/raid layers, allowing attackers to cause service interruptions

The vulnerability of Linux operating system’s md/raid kernel components is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

kernel: Integer Overflow in raid5_cache_count

Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM md, raid, raid5 modules allows Forced Integer Overflow...

CVE-2022-34882

Information Exposure Through an Error Message vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to gain sensitive information. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions prior to 02.03.02 on Windows;...

CVE-2022-34883

OS Command Injection vulnerability in Hitachi RAID Manager Storage Replication Adapter allows remote authenticated users to execute arbitrary OS commands. This issue affects: Hitachi RAID Manager Storage Replication Adapter 02.01.04 versions prior to 02.03.02 on Windows; 02.05.00 versions prior t...

CVE-2022-22996

The G-RAID 4/8 Software Utility setups for Windows were affected by a DLL hijacking vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the system user...

CLSA-2025-1737468474 kernel: Fix of 4 CVEs

media: edia: dvbdev: fix a use-after-free CVE-2024-27043 - btrfs: dev-replace: properly validate device names CVE-2024-26791 - KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory CVE-2024-50115 - net/sched: stop qdisctreereducebacklog on TCHROOT CVE-2024-53057 - ipc/sem.c: bugfix for...

PT-2025-8864

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.13.0-rc1+ 1464 Description A issue has been identified in the Linux kernel where the use of btrfs set item key safe to modify keys in the RAID stripe-tree can lead to corruption of the tree. This corruption is...

CVE-2024-48875 btrfs: don't take dev_replace rwsem on task already holding it

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't take devreplace rwsem on task already holding it Running fstests btrfs/011 with MKFSOPTIONS="-O rst" to force the usage of the RAID stripe-tree, we get the following splat from lockdep: BTRFS info device sdd:...

CVE-2024-48875 btrfs: don't take dev_replace rwsem on task already holding it

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't take devreplace rwsem on task already holding it Running fstests btrfs/011 with MKFSOPTIONS="-O rst" to force the usage of the RAID stripe-tree, we get the following splat from lockdep: BTRFS info device sdd:...

PT-2026-2896

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the md/raid5 component where null-pointer dereferences can occur in the raid5 store group thread cnt function. This happens when the mddev-private...

PT-2026-20417

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the raid1 reshape function related to managing RAID arrays via sysfs. Specifically, the issue arises from calling freeze array before and after...

PT-2026-5516

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A device leak issue exists in the dmaengine subsystem, specifically within the bcm-sba-raid component, during the probe process. The issue occurs because a reference to a mailbox device ...

CLSA-2024-1731605761 Fix of 67 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42265 - protect the fetch of -fdfd in dodup2 from mispredictions CVE-url: https://ubuntu.com/security/CVE-2024-47669 - nilfs2: fix state management in error path of log writing function CVE-url: https://ubuntu.com/security/CVE-2023-52918 - media: pci:...

The vulnerability of the implementation of RAID arrays based on Intel VROC chips lies in the uncontrolled search element, which allows a hacker to increase their privileges.

The vulnerability of the implementation of RAID arrays based on Intel VROC chips is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow attackers to enhance their privileges...

kernel: Integer Overflow in raid5_cache_count

Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM md, raid, raid5 modules allows Forced Integer Overflow...

kernel: md/dm-raid: don't call md_reap_sync_thread() directly

A flaw was found in the md/dm-raid subsystem in the Linux kernel. If mdreapsyncthread is called directly, it could lead to potential misuse or system instability...

kernel: dm-raid: really frozen sync_thread during suspend

A hang flaw was found in the Linux kernel’s Raid MD subsystem. This flaw allows a local user to crash the system...

kernel: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape

In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progress, then IO across reshape position will wait for reshape to make progress. However, for dm-raid, in...

Intel Virtual RAID on CPU (VROC) November 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Virtual RAID on CPU Intel® VROC software, which might allow escalation of privilege and denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to...