82 matches found
DEBIAN-CVE-2022-48823
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. 974.309060 0000:00:00.0:qedfehdevicereset:868: 1:0:2:0: LUN RESET Issued... 974.309065...
SUSE CVE-2024-36919
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove spinlockbh while releasing resources after upload The session resources are used by FW and driver when session is offloaded, once session is uploaded these resources are not used. The lock is not required as...
CLSA-2024-1716980150 Fix of 12 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2CHIDREADPENDING flag to prevent lock-up CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in scsi/lpfc...
DEBIAN-CVE-2024-26935
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 "scsi: core: Remove the /proc/scsi/$procname directory earlier" fixed a bug related to modules loading/unloading, by adding a call to scsiprochostdirr...
UBUNTU-CVE-2024-26917
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip-ctlrlock" This reverts commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, since it changed sping locks from "bh" to...
The vulnerability of SCSI device handlers in Windows operating systems allows attackers to increase their privileges.
The vulnerability of SCSI device handlers in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
CLSA-2024-1710945589 Fix of 9 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier Bionic update: upstream stable patchset 2018-08-29 LP: 1789666 // CVE- url: https://ubuntu.com/security/CVE-2022-20567 - l2tp: fix refcount leakage on PPPoL2TP sockets Bionic upda...
SUSE CVE-2023-52500
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing OPCINBSETCONTROLLERCONFIG command Tags allocated for OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...
DEBIAN-CVE-2023-3893
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.3 security and bug fix update
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS ba...
The vulnerability of the CSI Proxy component of the Kubernetes cluster management software allows a hacker to increase their privileges.
The vulnerability of the CSI Proxy component, a software tool for managing virtual machine clusters in Kubernetes, is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
HashiCorp Nomad 安全漏洞
HashiCorp Nomad is a simple and flexible scheduler and orchestrator from HashiCorp USA. for managing containerized and non-containerized applications at scale, both locally and in the cloud. A security vulnerability exists in HashiCorp Nomad and Nomad Enterpris that stems from an HTTP search API...
Fluid 安全漏洞
Fluid is an open source Kubernetes native distributed dataset orchestrator and gas pedal from the Cloud Native Computing Foundation for data-intensive applications such as Big Data and AI applications. A security vulnerability exists in Fluid versions 0.7.0 through 0.8.6, which stems from the...
SUSE CVE-2010-4163
The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service panic via a zero-length I/O request in a device ioctl to a SCSI device...
Rancher 安全漏洞
Rancher is an open source container management platform from the US-based Rancher Open Source, built for organizations deploying containers in production environments. Rancher suffers from a security vulnerability that stems from the way CPI and CSI credentials for vSphere are stored, causing...
Is Your Kubernetes Cluster Ready for Version 1.24?
Kubernetes rolled out Version 1.24 on May 3, 2022, as its first release of 2022. This version is packed with some notable improvements, as well as new and deprecated features. In this post, we will cover some of the more significant items on the list. The Dockershim removal The new release has...
PT-2021-8169 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a regression in the Linux kernel's scsi core, specifically with the sysfs interface. After iSCSI recovery, the iscsid daemon calls into the kernel to set the...
Kubernetes SIGs Secrets-store-csi-driver path traversal vulnerability
Kubernetes SIGs Secrets-store-csi-driver is a K8s component for storing confidential files based on CSI volumes from the Kubernetes SIGs organization. A security vulnerability exists in Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16, which can be exploited by an attacker to modi...
Linux kernel memory leak vulnerability (CNVD-2019-41260)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory leak vulnerability exists in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in Linux kernel 5.3....