119 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Do not double-dequeue a configuration request. Some of our devices may crash when calling tbcfgrequestdequeue: This issue is likely due to a general protection fault, possibly related to the non-canonical address...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: kyber: Fix for out-of-bounds access when preempted. The function blkmqschedbiomerge obtains the ctx and hctx for the current CPU, and passes the hctx to -biomerge. The function kyberbiomerge then obtains the ctx for the current C...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - block: Fixed a possible memory leak for rqwb when deviceadddisk fails. - kmemleak reported memory leaks in deviceadddisk: 3 new suspected memory leaks. - A unreferenced object 0xffff88800f420800 size 512: - Command “modprobe...
PT-2026-39023
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10 Description A flaw exists in the SMB client where the SMB2 write function places the write payload in iov1..n as part of rq iov. Because smb3 init transform rq pointer-shares rq iov, the crypt message functi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex
...
SUSE CVE-2026-31473
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...
EUVD-2026-24825
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...
CVE-2026-31473
The CVE-2026-31473 affects the Linux kernel media subsystems (mc, v4l2). A race can occur when MEDIA_REQUEST_IOC_REINIT runs concurrently with VIDIOC_REQBUFS queue teardown, risking use-after-free of request objects. The root cause is lack of serialization across these paths; it is addressed by e...
CVE-2026-31473 media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...
PT-2026-34378
In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with req queue mutex MEDIA REQUEST IOC REINIT can run concurrently with VIDIOC REQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and...
CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
UBUNTU-CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117 block: Remove queue freezing from several sysfs store callbacks
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper freezing of the request queue, which could result in a deadlock or slow system startup...
PT-2026-20450
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The EROFS filesystem may experience a use-after-free UAF condition when a file-backed mount with the directio option is enabled. This can lead to a system panic. The issue arises from a...
nvme: fix admin request_queue lifetime
...
SUSE CVE-2025-68265
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...
EUVD-2025-203749
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...
CVE-2025-68265
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...