Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Added the missing REQOPWRITE for flushing bio. When performing mkfs.xfs on a pmem device, the following warning was encountered: ------------ Cut here ------------ Warning: CPU: 2, PID: 384; at block/blk-core.c:751:...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clearuser To clear a user buffer we cannot simply use memset, we have to use clearuser. With a virtio-mem device that registers a vmcorecb and has some logically unplugged...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010964)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010964 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vmdev vmdev has a separate lifecycle because it has a 'stru...

Linux Distros Unpatched Vulnerability : CVE-2023-54089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtiopmem: add the missing REQOPWRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------ cut here ------------ WARNING:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986687)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986687 advisory. In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clearuser To clear a user buffer we canno...

CVE-2023-53515 virtio-mmio: don't break lifecycle of vm_dev

In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vmdev vmdev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vmdev struct with devres totally breaks this...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the virtio-mmio component's use of devres to allocate a vmdev structure, which could lead to reuse after...

CVE-2024-50184 virtio_pmem: Check device status before requesting flush

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Check device status before requesting flush If a pmem device is in a bad status, the driver side could wait for host ack forever in virtiopmemflush, causing the system to hang. So add a status check in the beginning o...

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2024-2120)

"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration...

SUSE CVE-2021-47566

In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clearuser To clear a user buffer we cannot simply use memset, we have to use clearuser. With a virtio-mem device that registers a vmcorecb and has some logically unplugged...

UBUNTU-CVE-2021-47566

In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clearuser To clear a user buffer we cannot simply use memset, we have to use clearuser. With a virtio-mem device that registers a vmcorecb and has some logically unplugged...

USN-6688-1 linux-oem-6.1 vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

USN-3762-2 linux-hwe, linux-azure, linux-gcp vulnerabilities

USN-3762-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that the VirtIO subsystem in the Linux kernel did not properly...

USN-3762-1 linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities

It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information kernel memory. CVE-2018-1118 Seunghun Han discovered an information leak in the ACPI handling code in the...

Qemu: virtio: unbounded memory allocation on host via guest leading to DoS

Quick Emulator QEMU built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation ...

USN-2777-1 linux-lts-utopic vulnerabilities

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service system crash or possibly execute code with administrative privileges. CVE-2015-5156 Benjamin Randazzo...