Lucene search
K

376 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.5 views

kernel: scsi: qla2xxx: Completely fix fcport double free

A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...

9.8CVSS6.6AI score0.0038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 11:21 p.m.5 views

kernel: scsi: qla2xxx: Completely fix fcport double free

A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...

9.8CVSS5.7AI score0.0038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 10:59 a.m.7 views

kernel: scsi: qla2xxx: Completely fix fcport double free

A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...

9.8CVSS6.7AI score0.0038EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: ibmvfc: Queue resources are allocated/free only during probe/remove operations. Currently, sub-queues and event pool resources are allocated/free for every CRQ connection event, such as reset and LPM. This exposes the...

5.5CVSS6.4AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: The BUGON flag has been removed when the event pool is empty. In practice, the driver should never send more commands than are allocated to the event pool. If this happens, the code will assert the BUGON flag. In th...

5.5CVSS6.3AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a resource leak in lpfcsli4sendseqtoulp. If no handler is found in lpfccompleteunsoliocb that matches the recipient of a received frame, the frame is discarded, and resources may be leaked. This issue was...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the buffer release/clearing order in the deferred receive path. A use-after-free condition was addressed by correcting the buffer release sequence in the deferred receive path. The code first released the RQ...

7.8CVSS6.4AI score0.00167EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/27 10:32 p.m.13 views

CVE-2026-45977

A flaw was found in the Linux kernel's fbnic Fibre Channel over Ethernet Network Interface Card driver. A race condition exists in the handling of firmware logs, where the log can be freed while still being accessed. This can lead to a use-after-free vulnerability, potentially allowing an attacke...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them as SCSI devices in a guest VM. I/O operations to the vFC device are...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qedf: Add stagwork to all the vports A call trace was observed when creating NPIV ports. Only 32 out of 64 ports are shown as online. The stagwork was not initialized for the vports; therefore, it needs to be initialized...

5.5CVSS5.1AI score0.00268EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The issue of double-free of the fcport has been completely fixed. In the function qla24xxelsdcmdiocb, sp-free is set to qla2x00elsdcmdspfree. When an error occurs, this function is called by qla2x00sprelease, where...

9.8CVSS6.1AI score0.0038EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoiding deadlock on the delete association path When deleting an association, the shutdown path may lead to a deadlock. This occurs because we try to flush the nvmetwq nested queue. To avoid this deadlock, defer the...

4.4CVSS6.2AI score0.00233EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet: The cqe.result field must always be initialized. The specification does not require that the first two double-word fields also known as “results” for a command queue entry need to be set to 0 when they are not used this is...

5.5CVSS6.2AI score0.00256EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: fcoe: Fix potential deadlock on &fip-ctlrlock”. This revertment is associated with the commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, as it change...

5.5CVSS5.4AI score0.00239EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 10:51 p.m.10 views

CVE-2026-43414

A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...

9.8CVSS5.8AI score0.0038EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.5 views

CVE-2026-43414

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...

9.8CVSS5.7AI score0.0038EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43414

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by...

9.8CVSS6.8AI score0.0038EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/30 5:40 a.m.10 views

EUVD-2026-26319

FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00177EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/04/23 8:6 a.m.6 views

scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()

...

8.1CVSS5.2AI score0.00274EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/22 6:7 p.m.7 views

CVE-2026-31464

A flaw was found in the Linux kernel's scsi: ibmvfc driver. A malicious or compromised Virtual I/O VIO server can exploit this by sending a crafted response during target discovery. This response can cause an out-of-bounds memory access, leading to the disclosure of sensitive kernel memory...

8.1CVSS5.2AI score0.00274EPSS
Exploits0References4
Rows per page
Query Builder