Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: bfa: Fixed a use-after-free in bfadimmoduleexit. BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20. A size 8 read was performed at address ffff8881082d80c8 by task modprobe/25303. Call Trace:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004024)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004024 advisory. A memory leak in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003813 advisory. A memory leak in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-400750)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-400750 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in...

EUVD-2025-26770

Malicious code in bioql PyPI...

EUVD-2024-51899

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL...

AZL-66848 CVE-2025-38699 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...

AZL-73644 CVE-2025-38699 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...

CVE-2025-38699

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...

DEBIAN-CVE-2025-38699

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...

UBUNTU-CVE-2025-38699

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL. Subsequently, during driver uninstallation, when the state machine...

PT-2025-35972

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a double-free vulnerability within the SCSI subsystem, specifically in the bfa driver. During initialization, if the bfad im probe function fails, the memory...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47222: net: bridge: fix vlan tunnel dst refcnt when egressing bsc1224857. CVE-2021-47223: net: bridge: fix vlan tunnel dst null pointer dereference bsc1224856...

OESA-2025-1112 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancelworksync before module remove If we remove the module which will call mpc52xxspiremove it will free 'ms' through spiunregistercontroller...

CLSA-2025-1739352814 kernel: Fix of 13 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - btrfs: fix information leak in btrfsioctllogicaltoino CVE-2024-35849 - net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 - netfilter: xtables: fix LED ID check in ledtgcheck...

CLSA-2025-1739292069 kernel: Fix of 13 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - btrfs: fix information leak in btrfsioctllogicaltoino CVE-2024-35849 - net: afcan: do not leave a dangling sk pointer in cancreate CVE-2024-56603 - netfilter: xtables: fix LED ID check in ledtgcheck...

CLSA-2025-1738672047 kernel: Fix of 15 CVEs

drm/amdgpu: add missing size check in amdgpudebugfsgprwaveread CVE-2024-50282 - drm/amdgpu: fix usage slab after free CVE-2024-56551 - Bluetooth: L2CAP: fix use-after-free in l2capconndel CVE-2022-3640 - netfilter: ipset: add missing range check in bitmapipuadt CVE-2024-53141 - ceph: prevent...

scsi: bfa: Fix use-after-free in bfad_im_module_exit()

...

DEBIAN-CVE-2024-53227

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...