Azure Linux 3.0 Security Update: kernel (CVE-2024-41053)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41053 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix ufshcdabortone raci...

CVE-2025-15281

Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...

CVE-2025-15281 wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory

Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...

SUSE CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003725 advisory. TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003733)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003733 advisory. TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000811 advisory. drivers/infiniband/ulp/srpt/ibsrpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service NULL pointer dereference and system crash by...

scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"

...

CVE-2025-68818

A NULL pointer dereference flaw was found in the QLogic Fibre Channel HBA driver qla2xxx in the Linux kernel. During ISP error recovery, the abort path incorrectly assumes all command types are TYPESRB. When operating in SCSI target mode with TYPETGTCMD commands, this results in calling a NULL...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002839)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002839 advisory. drivers/infiniband/ulp/srpt/ibsrpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service NULL pointer dereference and system crash by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003114)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003114 advisory. drivers/infiniband/ulp/srpt/ibsrpt.c in the Linux kernel before 4.5.1 allows local users to cause a denial of service NULL pointer dereference and system crash by...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

AZL-74408 CVE-2025-68818 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

UBUNTU-CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

CVE-2025-68818

CVE-2025-68818 is a Linux kernel scsi issue in qla2xxx: an abort-path lockless path (in __qla2x00_abort_all_cmds) could call sp->done() without holding a spinlock and mishandle sp->cmd_type, leading to a NULL dereference in target-mode. The problem was introduced by a revert of a commit tha...

CVE-2025-68818 scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...