Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ublk: It is necessary to sanitize the arguments from userspace when adding a device. The Sanity function checks the values for queue depth and the number of queues that we obtain from userspace when adding a device...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ublk: Fix for deadlock when reading the partition table When a process such as udev opens the ublk block device e.g., to read the partition table using bdevopen, a deadlock can occur: 1. bdevopen grabs the disk-openmutex. 2. The...

SUSE CVE-2026-45962

In the Linux kernel, the following vulnerability has been resolved: ublk: Validate SQE128 flag before accessing the cmd ublkctrlcmddump accesses header sqe-cmd before IOURINGFSQE128 flag check. This could cause out of boundary memory access. Move the SQE128 flag check earlier in ublkctrluringcmd ...

SUSE CVE-2026-45975

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

Linux Distros Unpatched Vulnerability : CVE-2026-45962

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ublk: Validate SQE128 flag before accessing the cmd ublkctrlcmddump accesses header sqe-cmd before IOURINGFSQE128 flag check. This could cause out of boundary...

CVE-2026-45975

A flaw was found in the Linux kernel's ublk subsystem. A local attacker could exploit a race condition where the kernel reads struct ublksrvctrlcmd from userspace-mapped memory without proper synchronization. This allows a malicious user to concurrently write to the structure, potentially causing...

EUVD-2026-32246

In the Linux kernel, the following vulnerability has been resolved: ublk: Validate SQE128 flag before accessing the cmd ublkctrlcmddump accesses header sqe-cmd before IOURINGFSQE128 flag check. This could cause out of boundary memory access. Move the SQE128 flag check earlier in ublkctrluringcmd ...

UBUNTU-CVE-2026-45962

In the Linux kernel, the following vulnerability has been resolved: ublk: Validate SQE128 flag before accessing the cmd ublkctrlcmddump accesses header sqe-cmd before IOURINGFSQE128 flag check. This could cause out of boundary memory access. Move the SQE128 flag check earlier in ublkctrluringcmd ...

CVE-2026-45975

CVE-2026-45975 is a Linux kernel vulnerability in the ublk subsystem where a race condition can occur reading struct ublksrv_ctrl_cmd from userspace-mapped memory in the io_uring_sqe. The fix uses READ_ONCE() to copy ublksrv_ctrl_cmd from the io_uring_sqe to a local stack copy and then operates o...

CVE-2026-45962

The CVE affects the Linux kernel ublk driver, where ublk_ctrl_cmd_dump() could access (header *)sqe->cmd before checking IO_URING_F_SQE128, enabling out-of-bounds memory access. The mitigation is to check the SQE128 flag earlier in ublk_ctrl_uring_cmd() and return -EINVAL if not set. Several s...

CVE-2026-45962 ublk: Validate SQE128 flag before accessing the cmd

In the Linux kernel, the following vulnerability has been resolved: ublk: Validate SQE128 flag before accessing the cmd ublkctrlcmddump accesses header sqe-cmd before IOURINGFSQE128 flag check. This could cause out of boundary memory access. Move the SQE128 flag check earlier in ublkctrluringcmd ...

PT-2026-43829

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the ublk ctrl cmd dump function accesses header sqe-cmd before verifying the IO URING F SQE128 flag. This sequence can lead to out-of-boundary memory access. The fi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: block: ublk: extending queuesize to fix overflow issues When validating the Draft SPDK ublk target, in cases where a large queue depth was assigned to the multiqueue ublk device, the ublk target would enter an incorrect state...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ublk: Clean up user copy references on the ublk server exit If a ublk server process releases a ublk character device file, any requests dispatched to the ublk server but not yet completed will retain a reference value of...

CVE-2026-43364

A flaw was found in the Linux kernel's ublk subsystem. A local user can trigger a NULL pointer dereference by sending an UPDATESIZE command to a ublk device that has been added but not yet started, or one that has been stopped. This occurs due to insufficient state validation before dereferencing...

EUVD-2026-28670

In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...

CVE-2026-43364

In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...

CVE-2026-43364

In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...

CVE-2026-43364

In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...

PT-2026-39025

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the ublk ctrl set size function. The issue occurs because the function calls set capacity and notify using ub-ub disk without verifying if the pointe...