CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: SCSI: BFA – Ensure that the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of size nbytes and copy nbytes from user space to that buffer. Later, we use sscanf on this buffer, but we do not...

7.1CVSS6.3AI score0.0001EPSS

Exploits0References2

Redos•added 2026/04/03 12:0 a.m.•2 views

ROS-20260403-73-0034

A vulnerability in the scsi/bfa/bfadim.c component of the Linux operating system kernel is related to memory re-release. Exploitation of the vulnerability allows an attacker to violate data integrity as well as cause a denial of service...

7.8CVSS7AI score0.00024EPSS

Exploits0

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004024)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004024 advisory. A memory leak in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory...

4.7CVSS6.4AI score0.00084EPSS

Exploits0References16

SUSE Linux•added 2025/11/18 1:51 p.m.•3 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

8.5CVSS6.3AI score0.00097EPSS

Exploits3References840

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-382572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-382572 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel...

7.1CVSS6.2AI score0.0001EPSS

Exploits0References3

OSV•added 2025/09/04 4:15 p.m.•0 views

AZL-66848 CVE-2025-38699 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...

7.8CVSS5.6AI score0.00024EPSS

Exploits0References1

OSV•added 2025/09/04 4:15 p.m.•2 views

AZL-73644 CVE-2025-38699 affecting package kernel for versions less than 5.15.200.1-1

7.8CVSS5.6AI score0.00024EPSS

Exploits0References1

CVE•added 2025/09/04 3:32 p.m.•17 views

CVE-2025-38699

CVE-2025-38699 is a Linux kernel double-free fix in the SCSI bfad (bfa) path. When bfad_im_probe() fails during init, bfad->im is freed but not set to NULL. If the driver is later uninstalled and bfad_sm_stopping triggers bfad_im_probe_undo(), the memory at bfad->im can be freed again, enab...

7.8CVSS5.9AI score0.00024EPSS

Exploits0References12Affected Software1

CNNVD•added 2025/09/04 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the bfa driver not setting the im pointer correctly resulting in a double release...

7.8CVSS6AI score0.00024EPSS

Exploits0References10

OSV•added 2025/02/14 12:12 p.m.•1 views

OESA-2025-1112 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancelworksync before module remove If we remove the module which will call mpc52xxspiremove it will free 'ms' through spiunregistercontroller...

7.8CVSS6.6AI score0.00017EPSS

Exploits0References7

Cvelist•added 2024/12/27 1:50 p.m.•16 views

CVE-2024-53227 scsi: bfa: Fix use-after-free in bfad_im_module_exit()

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...

0.00012EPSS

Exploits0References9

Debian CVE•added 2024/12/27 1:50 p.m.•5 views

CVE-2024-53227

7.8CVSS5.8AI score0.00012EPSS

Exploits0

Oracle linux•added 2024/11/27 12:0 a.m.•47 views

Unbreakable Enterprise kernel security update

4.1.12-124.92.3 - memcgwriteeventcontrol: fix a user-triggerable oops Al Viro Orabug: 37070674 CVE-2024-45021 - ocfs2: fix races between hole punching and AIO+DIO Su Yue Orabug: 36835819 CVE-2024-40943 4.1.12-124.92.2 - fbdev: savage: Handle err return when savagefbcheckvar failed Cai Xinchen...

7.8CVSS7.2AI score0.00173EPSS

Exploits0

SUSE CVE•added 2024/06/22 3:35 a.m.•1 views

SUSE CVE-2024-38560

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is...

5.5CVSS6.2AI score0.0001EPSS

Exploits0References21

OSV•added 2024/06/19 2:15 p.m.•1 views

DEBIAN-CVE-2024-38560

7.1CVSS6AI score0.0001EPSS

Exploits0References1

OSV•added 2024/06/19 2:15 p.m.•2 views

UBUNTU-CVE-2024-38560

7.1CVSS6.3AI score0.0001EPSS

Exploits0References33