Lucene search
K

73 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 1:7 a.m.7 views

CVE-2026-53186

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA SCSI RDMA Protocol SRP component. A malicious or compromised SRP target on the InfiniBand/RoCE fabric can exploit this vulnerability by sending a specially crafted SRP response with an excessively large data length. This can...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: scsi: core: There is a race condition where the error handler is only awakened when the last running command completes or times out. The order of execution of marking commands—either completed or failed—is not properly ordered...

4.7CVSS6AI score0.00096EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 4:22 p.m.15 views

USN-8412-1 qemu vulnerabilities

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly handled certain responses from an iSCSI server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary...

8.2CVSS7.7AI score0.04018EPSS
Exploits10References40
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool identified the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copie...

5.8AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Qemu

A NULL pointer dereference flaw was discovered in the SCSI emulation support of QEMU in versions prior to 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The greatest threat from this vulnerability is to system availability...

6CVSS6.5AI score0.00335EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Freeing irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq. This will cause a kernel BUG like...

5.5CVSS6AI score0.00252EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/01 2:15 p.m.6 views

CVE-2026-43054

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/03/26 8:3 a.m.3 views

scsi: pm8001: Fix use-after-free in pm8001_queue_command()

...

7.8CVSS5.8AI score0.00126EPSS
Exploits0
EUVD
EUVD
added 2026/03/25 12:30 p.m.6 views

EUVD-2026-15230

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagsetrefcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: 130120.652718 scsiallocsdev: Allocation failure during SCSI...

5.6AI score0.00123EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2026/03/05 9:4 a.m.6 views

scsi: qla2xxx: Fix bsg_done() causing double free

...

7.8CVSS5.8AI score0.00194EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/05 6:53 a.m.7 views

SUSE CVE-2025-71238

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...

6.5CVSS5.7AI score0.00194EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/02/05 12:24 a.m.7 views

SUSE CVE-2026-23110

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running command completes o...

4.7CVSS5.3AI score0.00096EPSS
Exploits0References19
Redos
Redos
added 2026/02/05 12:0 a.m.6 views

ROS-20260205-73-0032

A vulnerability in the iscsi component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.5AI score0.00162EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fixed an array overflow issue in stsetup. The array size is now adjusted to match the parameter size, rather than using a fixed value...

5.5CVSS6.4AI score0.00254EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/01/15 9:4 a.m.5 views

scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"

...

5.5CVSS5.4AI score0.00173EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:28 p.m.4 views

CVE-2025-68782

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Reset ttaskcdb pointer in error case If allocation of cmd-ttaskcdb fails, it remains NULL but is later dereferenced in the 'err' path. In case of error, reset NULL ttaskcdb value to point at the default fixed-size...

5.2AI score0.00173EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2025/12/24 10:33 a.m.23 views

CVE-2025-68371

CVE-2025-68371 relates to the Linux kernel SCSI smartpqi driver. A race between the abort handler that schedules a LUN reset and device removal via sdev_destroy() could cause the LUN reset to run after the device was removed, leading to use‑after‑free and access to freed resources. The fix, as do...

6AI score0.00161EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/12/17 12:23 a.m.5 views

SUSE CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

6.6AI score0.00158EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/16 3:30 p.m.7 views

EUVD-2025-203672

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsihostbusy Commit 995412e23bb2 "blk-mq: Replace tags-lock with SRCU for tag iterators" introduced the following regression: Call trace: srcureadlock+0x30/0x80 P...

6AI score0.00032EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/22 3:31 p.m.6 views

EUVD-2023-59999

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAXLEN + 1. If a string is actually MAXLEN + 1 length, this wil...

5.7AI score0.00187EPSS
Exploits0References8
Rows per page
Query Builder