Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from post-release reuse in ufshcscsicmd in ufs.c. There may be post-release reuse of stack variables...

DEBIAN-CVE-2024-50026

In the Linux kernel, the following vulnerability has been resolved: scsi: wd33c93: Don't use stale scsipointer value A regression was introduced with commit dbb2da557a6a "scsi: wd33c93: Move the SCSI pointer to private command data" which results in an oops in wd33c93intr. That commit added the...

UBUNTU-CVE-2024-50025

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Move flushwork initialization out of if block After commit 379a58caa199 "scsi: fnic: Move fnicfnicflushtx to a work queue", it can happen that a work item is sent to an uninitialized work queue. This may has the effec...

CVE-2024-42287

...

SUSE CVE-2024-46843

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only if added If host tries to remove ufshcd driver from a UFS device it would cause a kernel panic if ufshcdasyncscan fails during ufshcdprobehba before adding a SCSI host with scsiaddhost and M...

scsi: core: Fix unremoved procfs host directory regression

...

kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfcworkerwakeup lpfcworkerwakeup calls the lpfcworkdone routine, which takes the hbalock. Thus, lpfcworkerwakeup should not be called while holding the hbalock to avoid potential deadlo...

UBUNTU-CVE-2024-41054

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdclearcmd racing issue When ufshcdclearcmd is racing with the completion ISR, the completed tag of the request's mqhctx pointer will be set to NULL by the ISR. And ufshcdclearcmd's call to...

DEBIAN-CVE-2022-48791

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if a TMF sastask is aborted before we handle the IO completion in mpisspcompletion. The abort occurs due to timeout. When the timeout...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a security issue in scsi bfa...

China Has a Controversial Plan for Brain-Computer Interfaces

China's brain-computer interface technology is catching up to the US. But it envisions a very different use case: cognitive enhancement...

kernel: scsi: qla2xxx: Array index may go out of bound

A flaw was found in the Linux kernel qla2xxx SCSI driver. A static analysis tool reported that the array vha-hoststr, sized to hold 16 characters, could be indexed with values outside its valid range, potentially leading to out-of-bounds writes. The root cause was the use of sprintf without...

UBUNTU-CVE-2024-26627

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Move scsihostbusy out of host lock for waking up EH handler Inside scsiehwakeup, scsihostbusy is called & checked with host lock every time for deciding if error handler kthread needs to be waken up. This can be too...

kernel: scsi: mpi3mr: Fix an issue found by KASAN

A flaw was found in the Linux kernel's mpi3mr SCSI driver for Broadcom MPI3 HBA controllers. The driver writes 64 bytes when only 32 bytes should be written, causing an out-of-bounds write detected by KASAN. This memory corruption could lead to system instability or a kernel crash...

kernel: scsi: mpi3mr: Fix config page DMA memory leak

A flaw was found in the mpi3mr module in the Linux kernel. A memory leak can occur due to pending DMA allocations from the driver after it is released from the device. This issue potentially impacts system performance and results in a denial of service...

PT-2023-4236 · Unknown · Rtu500 Series

Name of the Vulnerable Software and Affected Versions: RTU500 series product affected versions not specified Description: A vulnerability exists in the HCI IEC 60870-5-104 function, which can be exploited if the HCI 60870-5-104 is configured with support for IEC 62351-3. After the session...

USN-6085-1 linux-raspi vulnerabilities

It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...

kernel: scsi: sd: Fix potential NULL pointer dereference

A flaw was found in the Linux kernel's SCSI subsystem. A NULL pointer dereference can be triggered when an error occurs before the sdkp-device object is fully initialized, causing a system crash and a denial of service...

SUSE CVE-2012-4542

block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...

SUSE CVE-2018-10021

drivers/scsi/libsas/sasscsihost.c in the Linux kernel before 4.16 allows local users to cause a denial of service ata qc leak by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure can only occur for physically proximate attackers w...