GHSA-WWJ6-VGHV-5P64 Kata Container to Guest micro VM privilege escalation

Summary An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understinding is this doesn’t impact the security of the Host or of other containers / V...

Kata Container to Guest micro VM privilege escalation

Summary An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understinding is this doesn’t impact the security of the Host or of other containers / V...

PT-2026-20875

Summary An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understinding is this doesn’t impact the security of the Host or of other containers / V...

SUSE CVE-2023-54089

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: add the missing REQOPWRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------ cut here ------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 submitbionoacct Modules link...

CVE-2023-54089

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: add the missing REQOPWRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------ cut here ------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 submitbionoacct Modules link...

CVE-2023-54089

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: add the missing REQOPWRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------ cut here ------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 submitbionoacct Modules link...

CVE-2023-54089 virtio_pmem: add the missing REQ_OP_WRITE for flush bio

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: add the missing REQOPWRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------ cut here ------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 submitbionoacct Modules link...

CVE-2023-54089 virtio_pmem: add the missing REQ_OP_WRITE for flush bio

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: add the missing REQOPWRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------ cut here ------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 submitbionoacct Modules link...

CVE-2023-54089

CVE-2023-54089 : In the Linux kernel, the virtio_pmem path did not assign REQ_OP_WRITE for flush bios, causing submit_bio_noacct() to fail when flushing PMEM-backed devices (e.g., during mkfs.xfs). The root cause is that async_pmem_flush() allocated a flush bio without setting REQ_OP_WRITE, so th...

PT-2025-53166

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc7+ 154 Description The Linux kernel contains a flaw within the virtio pmem subsystem. Specifically, the submit bio noacct function requires the bio operation to be either WRITE or ZONE APPEND for flush...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50184)

virtiopmem: Check device status before requesting flush. If a pmem device is in a bad status, the driver side could wait for host ack forever in virtiopmemflush, causing the system to hang. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990848)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990848 advisory. In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Check device status before requesting flush If a pmem device is in a bad status, the...

kernel: virtio_pmem: add the missing REQ_OP_WRITE for flush bio

A flaw was discovered in the virtiopmem driver in the Linux kernel, where flush block I/O requests did not have the required REQOPWRITE operation code assigned before submission. Under workloads involving persistent memory block devices — for example, running mkfs.xfs on a pmem device,this omissi...

USN-7451-1 linux-aws-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

USN-7294-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - ACPI drivers; - Drivers core; - ATA over ethernet AOE driver; - TPM...

USN-7295-1 linux-xilinx-zynqmp vulnerabilities

Ye Zhang and Nicolas Wu discovered that the iouring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

USN-7166-3 linux-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

USN-7166-2 linux-aws, linux-aws-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

USN-7166-1 linux, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...