CVE-2022-50414 scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails

In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoeifinit fails fcoeinit calls fcoetransportattach&fcoeswtransport, but when fcoeifinit fails, &fcoeswtransport is not detached and leaves freed &fcoeswtransport on fcoetransports...

USN-7701-3 linux-iot vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...

scsi: megaraid_sas: Fix invalid node index

...

USN-7685-3 linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()

...

SUSE CVE-2025-38289

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmocallbk Smatch detected a potential use-after-free of an ndlp oject in devlosstmocallbk during driver unload or fatal error handling. Fix by reordering code to avoid...

kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()

A vulnerability was found in the Linux kernel's SCSI libfc library in the fcexchabtsresp function, which can lead to a use-after-free scenario. This issue can occur because the function calls fcexchrelease, which decrements a reference count stored in the ep object and then frees the object once...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fixed an array overflow issue in stsetup. The array size is now adjusted to match the parameter size, rather than using a fixed value...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the SCSI component in the Linux operating system is related to incorrect blocking of resources in the cqthreadv3hw function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to gain elevated privileges within the system.

The vulnerability of the SCSI component in the Linux operating system is related to errors that occur after deallocation. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

DEBIAN-CVE-2025-21738

In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSIIOCTLSENDCOMMAND ioctl with outlen set to 0xd42, SCSI command set to ATA16 PASS-THROUGH, ATA command set to ATANOP, and...

SUSE CVE-2022-49157

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix premature hw access after PCI error After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume...

SUSE CVE-2022-49504

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...

DEBIAN-CVE-2022-49536

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the SCSI component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2025-8820

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential use-after-free UAF access issue has been identified in the Linux kernel, specifically in the scsi: ufs: bsg component. The issue arises from not setting bsg queue to NULL aft...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel has a security vulnerability that stems from an unusual root cause in sgremovescat in scsi/sg.c. There may be memory corruption...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to gain access to confidential information.

The vulnerability of the Linux operating system’s SCSI kernel component is related to excessive data output in the scsihostdevrelease function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

scsi: wd33c93: Don't use stale scsi_pointer value

...

The vulnerability of Internet Small Computer System Interface (iSCSI) operating systems for Windows, which allows a perpetrator to cause a service failure

The vulnerability of Internet Small Computer System Interface iSCSI operating systems for Windows involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...