56 matches found
kernel: scsi: ufs: core: Fix handling of lrbp->cmd
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...
DEBIAN-CVE-2023-53120
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix config page DMA memory leak A fix for: DMA-API: pci 0000:83:00.0: device driver has pending DMA allocations while released from device count=1...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel, which stems from a possible post-release reuse of the scsi iscsitcp component when accessing the host ipaddres...
CVE-2022-49536 scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...
CLSA-2024-1727815919 kernel: Fix of 75 CVEs
firmware: csdsp: Return error if block header overflows file CVE-2024-42238 - scsi: qedf: Make qedfexecutetmf non-preemptible CVE-2024-42124 - ftruncate: pass a signed offset CVE-2024-42084 - firmware: csdsp: Use strnlen on name fields in V1 wmfw files CVE-2024-41056 - firmware: csdsp: Prevent...
AZL-50188 CVE-2024-46842 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not handled in lpfcgetsfpinfo and the routine unconditionally frees submitted mailbox commands regardless of return status. The issue is that for...
DEBIAN-CVE-2022-48758
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functions are removing the interface before calling destroywork. This results multiple WARNings from sysfsremovegroup as the controller rpo...
DEBIAN-CVE-2021-47565
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sastarget object is freed but its sdev object remains intact...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a post-release reuse vulnerability in the scsi:iscsi module...
Virtuozzo Hybrid Infrastructure 6.0 Update 1 (6.0.1-76)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover improvements in the compute service, object storage, alerts and monitoring. Additionally, this release delivers stability and security improvements, and addresses issues found in previous releases...
PT-2023-9466 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the RDMA/srp component of the Linux kernel, where a use-after-free condition can occur. This happens when the scmd eh abort handler function calls the SCSI LLD ...
kernel: iscsi: unrestricted access to sessions and handles
A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system...
March 22, 2018—KB4088891 (OS Build 15063.994)
March 22, 2018—KB4088891 OS Build 15063.994 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue with a GDI handle leak in the Windows Ribbon control. Addresses issue where,...
DEBIAN-CVE-2017-14489
The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service panic by leveraging incorrect length validation...
wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)
REJECTED CVE An integer overflow vulnerability has been identified in the dissectiscsipdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark. A remote attacker could provide a specially-crafted iSCSI packet / packet capture that, once processed, would lead to excessive...
CVE-2011-0637
The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service system crash via unspecified vectors...