Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Implement a reference counter for SRB The timeout handler and the done function are competing with each other. When qla2x00iocbtimeout starts to execute, it may be preempted by the normal response path via the...

UBUNTU-CVE-2025-68371

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading...

EUVD-2013-0989

Malware in sbrugna...

EUVD-2025-13958

Malicious code in bioql PyPI...

EUVD-2022-55066

Malicious code in bioql PyPI...

CVE-2025-37828

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...

CVE-2025-37828

CVE-2025-37828 affects the Linux kernel in the SCSI/UFS MCQ path. A race between MCQ completion and the abort handler can lead to dereferencing a NULL hwq pointer after __blk_mq_free_request() sets rq->mq_hctx to NULL. The fix adds a NULL check on the returned hwq in ufshcd_mcq_abort(); if hwq...

SUSE CVE-2022-49536

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

DEBIAN-CVE-2022-49536

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

UBUNTU-CVE-2022-49536

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

CVE-2022-49536 scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...

CVE-2022-49159

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Implement ref count for SRB The timeout handler and the done function are racing. When qla2x00asynciocbtimeout starts to run it can be preempted by the normal response path via the firmware?. qla24xxasyncgpscspdone...

CVE-2022-49159 scsi: qla2xxx: Implement ref count for SRB

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Implement ref count for SRB The timeout handler and the done function are racing. When qla2x00asynciocbtimeout starts to run it can be preempted by the normal response path via the firmware?. qla24xxasyncgpscspdone...

UBUNTU-CVE-2021-47427

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsitask use after free Commit d39df158518c "scsi: iscsi: Have abort handler get ref to conn" added iscsigetconn/iscsiputconn calls during abort handling but then also changed the handling of the case where we...

CVE-2021-47188

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Improve SCSI abort handling The following has been observed on a test setup: WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcdqueuecommand+0x468/0x65c Call trace: ufshcdqueuecommand+0x468/0x65c...

SUSE CVE-2023-52515

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsidone from srpabort After scmdehaborthandler has called the SCSI LLD ehaborthandler callback, it performs one of the following actions: Call scsiqueueinsert. Call scsifinishcommand. Call scsiehscmdadd...

CVE-2023-52515 RDMA/srp: Do not call scsi_done() from srp_abort()

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsidone from srpabort After scmdehaborthandler has called the SCSI LLD ehaborthandler callback, it performs one of the following actions: Call scsiqueueinsert. Call scsifinishcommand. Call scsiehscmdadd...

PT-2023-9466 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the RDMA/srp component of the Linux kernel, where a use-after-free condition can occur. This happens when the scmd eh abort handler function calls the SCSI LLD ...

SUSE CVE-2021-36221

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort...

kernel: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...