6065 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A NULL pointer dereferencing occurred after calling stargettorport. Calls to stargettorport may return NULL. Add a check for NULL rport before dereferencing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the link-down processing to address the issue of NULL pointer dereferencing. If a FC link-down transition occurs while PLOGIs are outstanding and the fabric-known addresses are involved, outstanding ABTS request...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must also call dput; otherwise, a memory leak will occur over time. To simplify things, simply call debugfslookupandremove, which...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store the vhost pointer during subcrq allocation Currently, the back pointer from a queue to the vhost adapter is not set until after the subcrq interrupt registration. This value becomes available when a queue is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: The WARNONONCE call has been removed from ufshcduiccmdcompl. The UIC completion interrupt may be disabled while a UIC command is being processed. When the UIC completion interrupt is re-enabled, a UIC interrupt i...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fixed the issue of information leakage due to DMAFROMDEVICE. The problem I’m addressing was discovered during the LTP test covering cve-2018-1000204. A brief description of what happens is as follows: 1 The test case sen...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred when I/O abort times out. During CPU hotplug, a crash was observed with the following stack: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed the use of memory after freeing it in scsihexpandernoderemove. The function mpt3sastransportportremove called in scsihexpandernoderemove frees the port field of the sasexpander structure. This leads to a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Resets the ttaskcdb pointer in error cases If the allocation of cmd-ttaskcdb fails, it remains NULL, but it is later referenced in the ‘err’ path. In case of an error, the NULL ttaskcdb value is reset to point at th...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a use-after-free issue related to KFENCE violations during the sysfs firmware write process. During the sysfs firmware write process, a use-after-free read warning was logged from the lpfcwrobject routine: BUG:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dm mpath: Added the missing dmputdevice call when failing to obtain the scsi dh name. When commit fd81bc5cca8f “scsi: devicehandler: Returning an error pointer in scsidhattachedhandlername”, code was added to fail the parsing of...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF A hung task trace was observed during LOGO processing. 974.309060 0000:00:00.0: qedfehdevicereset:868: 1:0:2:0: LUN RESET issued… 974.309065 0000:00:00.0:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: A null pointer dereference bug can occur when the guest sends an SCSI AN request. In the function vhostscsiCTLHANDLEVQ, the variable vc.target is assigned the value of &vreq.tmf.lun1 within a switch-case block. This...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid dereferencing the fcport pointer. Klocwork reported a warning that a NULL pointer might be dereferenced. The routine exits when saCTL is NULL and fcport is allocated after the exit call. This causes the NULL...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport A system crash may occur due to using resources after they have been freed. The current code allows terminaterportio to exit before ensuring that all I/O operations have...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fixed a use-after-free bug in smpexecutetasksg When executing an SMP task fails, the smpexecutetasksg function calls deltimer to delete the “slowtask-timer” timer. However, if the timer handler sastaskinternaltimedo...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: sysfs: Prevent division by zero This issue prevents division by zero when monitoring is not enabled...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fixed potential use after free in efcnportvportdel The krefput function will call nport-release if the reference count drops to zero. The nport-release function is efcnportfree, which frees the “nport” object...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: A use-after-free issue was addressed for aborted SSP/STP sastask operations. Currently, a use-after-free may occur if an sastask is aborted by the upper layer before we handle the I/O completion in mpisspcompletion ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move the cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 using LOGTRACEEVENT, the following hard lockup occurred, causing the system to hang. Call Trace: rawspinlockirqsave+0x32/0x40...