273 matches found
CVE-2026-23400
In the Linux kernel, the following vulnerability has been resolved: rustbinder: call setnotificationdone without proc lock Consider the following sequence of events on a death listener: 1. The remote process dies and sends a BRDEADBINDER message. 2. The local process invokes the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from rustbinder calling setnotificationdone when holding the proc lock, potentially leading to a...
CVE-2026-23376
A flaw was found in the Linux kernel's nvmet-fcloop component. This vulnerability occurs due to incorrect handling of resource freeing when the remote port state is not online. Specifically, the fcloopt2hxmtlsrsp routine fails to check the remoteport-portstate before calling a done callback, whic...
CVE-2026-23376
In the Linux kernel, the following vulnerability has been resolved: nvmet-fcloop: Check remoteport portstate before calling done callback In nvmefchandlelsrqstwork, the lsrsp-done callback is only set when remoteport-portstate is FCOBJSTATEONLINE. Otherwise, the nvmefcxmtlsrsp's LLDD call to...
CVE-2026-23376 nvmet-fcloop: Check remoteport port_state before calling done callback
In the Linux kernel, the following vulnerability has been resolved: nvmet-fcloop: Check remoteport portstate before calling done callback In nvmefchandlelsrqstwork, the lsrsp-done callback is only set when remoteport-portstate is FCOBJSTATEONLINE. Otherwise, the nvmefcxmtlsrsp's LLDD call to...
CVE-2026-23376
In the Linux kernel, the following vulnerability has been resolved: nvmet-fcloop: Check remoteport portstate before calling done callback In nvmefchandlelsrqstwork, the lsrsp-done callback is only set when remoteport-portstate is FCOBJSTATEONLINE. Otherwise, the nvmefcxmtlsrsp's LLDD call to...
CVE-2026-23376
CVE-2026-23376 affects the Linux kernel nvmet-fcloop component. The vulnerability arises from not checking remoteport port_state before freeing resources in the fcloop_t2h_xmt_ls_rsp path, where lsrsp resources may be freed incorrectly if the remote port is not online. The fix updates fcloop_t2h_...
GHSA-C23C-RP3M-VPG3 Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Summary At the rate limit filter, if we enabled the response phase limit with applyonstreamdone in the rate limit configuration and the response phase limit request fails directly, it may crash Envoy. Details When both the request phase limit and response phase limit are enabled, the safe gRPC...
SUSE CVE-2025-71238
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
EUVD-2025-208273
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
AZL-78647 CVE-2025-71238 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
UBUNTU-CVE-2025-71238
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
CVE-2025-71238 scsi: qla2xxx: Fix bsg_done() causing double free
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
CVE-2025-71238 scsi: qla2xxx: Fix bsg_done() causing double free
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
CVE-2025-71238
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
CVE-2025-71238
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a double-release vulnerability, which stems from the bsgdone function resulting in a double-release that can be exploited by an attacker to cause the...
PT-2026-22917
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-503.34.1.el9 5 Description The Linux kernel contains a flaw within the qla2xxx SCSI driver related to the bsg done function. Specifically, certain routines in qla bsg.c incorrectly call bsg done in both...
libceph: return the handler error from mon_handle_auth_done()
...
kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length
In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...