18 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: blktrace: Fixed a UAF in the blkTraceAccess function after removal by sysfs. There is a use-after-free issue triggered by the following process: bash P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blkTraceRemoveQueue...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: atm: The atmdevmutex is released after removing procfs in atmdevderegister. syzbot reported a warning during atmdevregister. 0 Before creating a new device and procfs/sysfs for it, atmdevregister looks up a duplicate device...
CVE-2026-31434 btrfs: fix leak of kobject name for sub-group space_info
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group spaceinfo When createspaceinfosubgroup allocates elements of spaceinfo-subgroup, kobjectinitandadd is called for each element via btrfssysfsaddspaceinfotype. However, when...
CVE-2026-31434
CVE-2026-31434 affects the Linux kernel's btrfs subsystem. The root cause is a leak of kobject names for sub-group space_info entries: during removal, kobject_init_and_add is paired with allocations, but the corresponding btrfs_sysfs_remove_space_info() is not called on freed elements, causing le...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989605 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfs attrs If coretempaddcore gets an error then...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986988)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986988 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix use-after-free on remove Ensure that the irqwork has completed before th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-382063)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-382063 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usbdeauthorizeinterface Among the attribute file callback routines in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987326)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987326 advisory. In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986660)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986660 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfs attrs If coretempaddcore gets an error then...
DEBIAN-CVE-2025-38245
In the Linux kernel, the following vulnerability has been resolved: atm: Release atmdevmutex after removing procfs in atmdevderegister. syzbot reported a warning below during atmdevregister. 0 Before creating a new device and procfs/sysfs for it, atmdevregister looks up a duplicated device by...
CVE-2025-38245
In the Linux kernel ATM subsystem, CVE-2025-38245 is due to releasing atm_dev_mutex before procfs/sysfs removal in atm_dev_deregister(), creating a race window where a device may still appear in procfs while the device list no longer contains it. This can trigger a splat warning during atm_dev_re...
DEBIAN-CVE-2024-50122
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
SUSE CVE-2022-49010
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfs attrs If coretempaddcore gets an error then pdata-coredataindx is already NULL and has been kfreed. Don't pass that to sysfsremovegroup as that will crash in sysfsremovegroup...
DEBIAN-CVE-2022-49010
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfs attrs If coretempaddcore gets an error then pdata-coredataindx is already NULL and has been kfreed. Don't pass that to sysfsremovegroup as that will crash in sysfsremovegroup...
DEBIAN-CVE-2021-47375
In the Linux kernel, the following vulnerability has been resolved: blktrace: Fix uaf in blktrace access after removing by sysfs There is an use-after-free problem triggered by following process: P1sda P2sdb echo 0 /sys/block/sdb/trace/enable blktraceremovequeue synchronizercu blktracefree...
kernel: hwmon: (coretemp) Check for null before removing sysfs attrs
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfs attrs If coretempaddcore gets an error then pdata-coredataindx is already NULL and has been kfreed. Don't pass that to sysfsremovegroup as that will crash in sysfsremovegroup...
kernel: hwmon: (coretemp) Check for null before removing sysfs attrs
In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfs attrs If coretempaddcore gets an error then pdata-coredataindx is already NULL and has been kfreed. Don't pass that to sysfsremovegroup as that will crash in sysfsremovegroup...
UVI-2021-1001517 blktrace: Fix uaf in blk_trace access after removing by sysfs
blktrace: Fix uaf in blktrace access after removing by sysfs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.285 by commit...