119 matches found

Microsoft CVE
added 2025/08/07 7:0 a.m. | 0 views

RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction

...

CVSS 5.5 | AI score 7 | EPSS 0.00119
Exploits: 0

RedHat Linux
added 2025/07/28 3:13 a.m. | 1 view

kernel: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race

In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race. We're seeing crashes from rq_qos_wake_function that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 PF: supervisor write access in kernel...

CVSS 4.7 | AI score 6.8 | EPSS 0.00013
Exploits: 0 | References: 5

OSV
added 2025/07/10 9:15 a.m. | 1 view

DEBIAN-CVE-2025-38326

In the Linux kernel, the following vulnerability has been resolved: aoe: clean device rq_list in aoedev_downdev(). An aoe device's rq_list contains accepted block requests that are waiting to be transmitted to the aoe target. This queue was added as part of the conversion to blk_mq. However, the queue w...

CVSS 5.5 | AI score 5.5 | EPSS 0.00066
Exploits: 0 | References: 1

OSV
added 2025/07/10 8:15 a.m. | 2 views

CVE-2025-38326 aoe: clean device rq_list in aoedev_downdev()

In the Linux kernel, the following vulnerability has been resolved: aoe: clean device rq_list in aoedev_downdev(). An aoe device's rq_list contains accepted block requests that are waiting to be transmitted to the aoe target. This queue was added as part of the conversion to blk_mq. However, the queue w...

CVSS 5.5 | AI score 6.3 | EPSS 0.00066
Exploits: 0 | References: 13

CNNVD
added 2025/07/10 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clean up the rq_list in the aoe driver, which could result in a frozen queue hang...

CVSS 5.5 | AI score 6.9 | EPSS 0.00066
Exploits: 0 | References: 10

Positive Technologies
added 2025/07/10 12:0 a.m. | 1 view

PT-2025-29048

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue where an aoe device's request queue (rq_list) was not properly cleaned when the device was downed. This caused blk_mq_freeze_queue() to indefinitely wait...

CVSS 5.5 | AI score 6.8 | EPSS 0.00066
Exploits: 0

OSV
added 2025/07/04 11:15 a.m. | 0 views

UBUNTU-CVE-2025-38174

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request. Some of our devices crash in tb_cfg_request_dequeue(): general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID: 91007 Comm: kworker/6:2...

CVSS 5.5 | AI score 6.2 | EPSS 0.00114
Exploits: 0 | References: 44

SUSE CVE
added 2025/05/09 4:54 a.m. | 3 views

SUSE CVE-2022-49902

In the Linux kernel, the following vulnerability has been resolved: block: Fix possible memory leak for rq_wb on add_disk failure. kmemleak reported memory leaks in device_add_disk(): kmemleak: 3 new suspected memory leaks unreferenced object 0xffff88800f420800 size 512: comm "modprobe", pid 4275, jiffi...

CVSS 5.5 | AI score 6.3 | EPSS 0.00049
Exploits: 0 | References: 6

OSV
added 2025/05/02 4:15 p.m. | 1 view

DEBIAN-CVE-2023-53083

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't replace page in rq_pages if it's a continuation of last page. The splice read calls nfsd_splice_actor to put the pages containing file data into the svc_rqst->rq_pages array. It's possible however to get a splice result that...

CVSS 5.5 | AI score 5.3 | EPSS 0.00063
Exploits: 0 | References: 1

OSV
added 2025/03/20 12:32 p.m. | 3 views

GHSA-P2VC-M5FV-9W9M H2O Vulnerable to Denial of Service (DoS) via `/3/ImportFiles` Endpoint

A vulnerability in the /3/ImportFiles endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes a single GET parameter, path, which can be recursively set to reference itself. This leads the server to repeatedly call its own endpoint, eventually...

CVSS 7.5 | AI score 6.9 | EPSS 0.00509
Exploits: 1 | References: 4

Snyk
added 2025/03/20 12:32 p.m. | 2 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) via the /3/ImportFiles endpoint. An attacker can cause the server to repeatedly call its own endpoint, eventually filling up the request queue and leaving the server unable to handle other requests by recursively...

CVSS 8.7 | AI score 7.1 | EPSS 0.00509
Exploits: 1 | References: 2

NVD
added 2025/03/20 10:15 a.m. | 2 views

CVE-2024-7768

A vulnerability in the /3/ImportFiles endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes a single GET parameter, path, which can be recursively set to reference itself. This leads the server to repeatedly call its own endpoint, eventually...

CVSS 7.5 | EPSS 0.00509
Exploits: 1 | References: 1

Cvelist
added 2025/03/20 10:10 a.m. | 6 views

CVE-2024-7768 Denial of Service in h2oai/h2o-3

A vulnerability in the /3/ImportFiles endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes a single GET parameter, path, which can be recursively set to reference itself. This leads the server to repeatedly call its own endpoint, eventually...

CVSS 7.5 | EPSS 0.00509
Exploits: 1 | References: 1

GitLab Advisory Database
added 2025/03/20 12:0 a.m. | 12 views

H2O Vulnerable to Denial of Service (DoS) via `/3/ImportFiles` Endpoint

A vulnerability in the /3/ImportFiles endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. The endpoint takes a single GET parameter, path, which can be recursively set to reference itself. This leads the server to repeatedly call its own endpoint, eventually...

CVSS 7.5 | AI score 6.7 | EPSS 0.00509
Exploits: 1 | References: 5

OSV
added 2025/02/28 3:32 p.m. | 4 views

OESA-2025-1183 etcd security update

Security Fixes: A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows th...

CVSS 7.5 | AI score 6.8 | EPSS 0.944
Exploits: 19 | References: 3

NVD
added 2025/02/26 7:1 a.m. | 9 views

CVE-2022-49394

In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline. iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatency configured for th...

CVSS 5.5 | EPSS 0.00016
Exploits: 0 | References: 7

NVD
added 2025/02/26 7:1 a.m. | 6 views

CVE-2022-49377

In the Linux kernel, the following vulnerability has been resolved: blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx. blk_mq_run_hw_queues() could be run when there isn't queued request and after queue is cleaned up, at that time tagset is freed, because tagset lifetime is covered by driver, and often free...

CVSS 7.8 | EPSS 0.00074
Exploits: 0 | References: 4

CVE
added 2025/02/26 2:11 a.m. | 124 views

CVE-2022-49394

The CVE-2022-49394 entry describes a Linux kernel vulnerability in blk-iolatency where inflight IO counters could become imbalanced and IOs hang when a cgroup with iolatency is offline or disabled. The root cause is that enabled counters could be manipulated in iolatency_set_limit() and iolatency...

CVSS 5.5 | AI score 5.5 | EPSS 0.00016
Exploits: 0 | References: 7 | Affected Software: 1

OSV
added 2025/02/26 2:11 a.m. | 6 views

CVE-2022-49394 blk-iolatency: Fix inflight count imbalances and IO hangs on offline

In the Linux kernel, the following vulnerability has been resolved: blk-iolatency: Fix inflight count imbalances and IO hangs on offline. iolatency needs to track the number of inflight IOs per cgroup. As this tracking can be expensive, it is disabled when no cgroup has iolatency configured for th...

CVSS 5.5 | AI score 5.5 | EPSS 0.00016
Exploits: 0 | References: 10

CVE
added 2025/02/26 2:11 a.m. | 99 views

CVE-2022-49377

CVE-2022-49377 is a Linux kernel vulnerability in the block multi-queue (blk-mq) path. The root cause was a use-after-free involving ->tagset during blk_mq_run_hw_queues, when there were no queued requests and the tagset could be freed after blk_cleanup_queue. The fix disables touching tagset ...

CVSS 7.8 | AI score 5.4 | EPSS 0.00074
Exploits: 0 | References: 4 | Affected Software: 1