Lucene search
K

57 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible Use-after-Allocation UAF in snictgtcreate A warning is reported as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warning: &‘tgt-list’ was not removed from the list If the deviceadd function...

6.1AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible memory leak if deviceadd fails. If deviceadd returns an error, the name allocated by devsetname needs to be freed. As noted in the comments for deviceadd, putdevice should be used to release the...

5.5CVSS5.2AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

A use-after-free flaw was discovered in the addpartition function in the block/partitions/core.c file within the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue arises due to the lack of code cleanup when the deviceadd function fails...

5.5CVSS6.7AI score0.00336EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:7 a.m.6 views

scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
NVD
NVD
added 2026/05/27 2:17 p.m.10 views

CVE-2026-45997

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...

5.5CVSS0.00123EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-45997

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/27 12:55 p.m.41 views

CVE-2026-45997 scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...

0.00123EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/27 12:55 p.m.8 views

CVE-2026-45997

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
CVE
CVE
added 2026/05/27 12:55 p.m.32 views

CVE-2026-45997

CVE-2026-45997 concerns the Linux kernel SCSI disk driver (sd). The issue arises when device_add(&sdkp->disk_dev) fails during sd_probe; as a result, put_device() calls lead to scsi_disk_release() freeing the scsi_disk but leaving the gendisk referenced. The fix adds a missing put_disk(gd) in ...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43864

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference-count leak occurs in the SCSI subsystem. When the device add&disk dev function fails, put device triggers scsi disk release, which frees the scsi disk but fails to release th...

5.5CVSS5.8AI score0.00123EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011290)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011290 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011174 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows:...

5.8AI score0.00239EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/03 11:25 p.m.5 views

SUSE CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/03 6:31 p.m.6 views

EUVD-2026-18780

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

5.7AI score0.00119EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/03 5:4 p.m.8 views

CVE-2026-31399

A flaw was found in the Linux kernel's nvdimm/bus component. During asynchronous device initialization, if the deviceadd function fails in ndasyncdeviceregister, a use-after-free vulnerability can occur. This happens because the device's reference count drops to zero before the parent pointer is...

4.7CVSS6.1AI score0.00119EPSS
Exploits0References4
NVD
NVD
added 2026/04/03 4:16 p.m.3 views

CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

7.8CVSS0.00119EPSS
Exploits0References8
OSV
OSV
added 2026/04/03 4:16 p.m.9 views

UBUNTU-CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/04/03 3:16 p.m.17 views

CVE-2026-31399 nvdimm/bus: Fix potential use after free in asynchronous initialization

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

0.00119EPSS
Exploits0References8
CVE
CVE
added 2026/04/03 3:16 p.m.19 views

CVE-2026-31399

CVE-2026-31399 concerns the Linux kernel, specifically a use-after-free in the nvme/nvdimm bus async initialization path. The issue arises if device_add() fails during nd_async_device_register(): the parent device reference could drop to 0 before the parent pointer is accessed, leading to use-aft...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper management of parent device references after the deviceadd operation fails. This could...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References6
Rows per page
Query Builder