Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the null payload in the non-linear buffer tapskb within the vsock/virtio driver. This vulnerability may...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a leak in the queue count when transferring data during operations involving the vsock/virtio...

Astra Linux - уязвимость в linux-5.10

An integer overflow flaw was discovered in the Linux kernel’s virtio device driver code, where a user triggers the vhostvdpaconfigvalidate function. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...

ROS-20260120-7323

A vulnerability in the drivers/net/caif/caifvirtio.c file of the Linux operating system kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004761 advisory. An integer overflow flaw was found in the Linux kernels virtio device driver code in the way a user triggers the vhostvdpaconfigvalidate function. This flaw allows a...

CVE-2023-54215

In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fix cpumask memory leak in virtiovdpafindvqs Free the cpumask allocated by createaffinitymasks before returning from the function...

CVE-2022-50842

CVE-2022-50842 affects the Linux kernel DRM virtio path. The issue arises when transferring 2D buffer objects (BOs); a non-shmem BO (e.g., VRAM) could bypass a necessary check, potentially leading to a NULL dereference. The publicly documented fix is to validate that a transferred 2D BO is always...

ALSA-2025:21397 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 For more details about the security issues, including...

EUVD-2022-55079

In the Linux kernel, the following vulnerability has been resolved: virtio: use virtiodeviceready in virtiodevicerestore After waking up a suspended VM, the kernel prints the following trace for virtio drivers which do not directly call virtiodeviceready in the .restore: PM: suspend exit irq 22:...

Linux Distros Unpatched Vulnerability : CVE-2022-0998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow flaw was found in the Linux kernel's virtio device driver code in the way a user triggers the vhostvdpaconfigvalidate function. This flaw...

Linux Distros Unpatched Vulnerability : CVE-2023-52670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rpmsg: virtio: Free driveroverride when rpmsgremove Free driveroverride when rpmsgremove, otherwise the following memory leak will occur: unreferenced object...

CVE-2024-11614 Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

CVE-2024-37353

REJECTED CVE A resource management issue exists in the Linux Kernel's virtio module. When requestirq fails in vpfindvqsmsix, the cleanup path incorrectly attempts to free an already released IRQ, resulting in warnings and potential system instability. This issue arises from the mishandling of...

SUSE CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is done with all the queued buffers. However, this is not true, since the notify callback could be called...

PT-2024-9285 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's virtio component, where the driver incorrectly assumes that the notify callback is only received when the device is done with all the queued...

SUSE CVE-2022-0998

An integer overflow flaw was found in the Linux kernel's virtio device driver code in the way a user triggers the vhostvdpaconfigvalidate function. This flaw allows a local user to crash or potentially escalate their privileges on the system...

DEBIAN-CVE-2023-52670

In the Linux kernel, the following vulnerability has been resolved: rpmsg: virtio: Free driveroverride when rpmsgremove Free driveroverride when rpmsgremove, otherwise the following memory leak will occur: unreferenced object 0xffff0000d55d7080 size 128: comm "kworker/u8:2", pid 56, jiffies...

An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. This flaw allows a local user to crash or potentially escalate their privileges on the system.

...

AZL-9242 CVE-2022-0998 affecting package kernel for versions less than 5.15.37.1-2

An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhostvdpaconfigvalidate function. This flaw allows a local user to crash or potentially escalate their privileges on the system...