134 matches found
CVE-2020-36472
An issue was discovered in the max7301 crate before 0.2.0 for Rust. The ImmediateIO and TransactionalIO types implement Sync for all Expander types that they contain...
CVE-2020-36472
CVE-2020-36472 affects the max7301 crate for Rust older than 0.2.0. The ImmediateIO and TransactionalIO types implement Sync for all contained Expander types, which can allow non-thread-safe Expander contents to be shared across threads. This enables data races when IO can retrieve the Expander a...
kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...
kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...
ImmediateIO and TransactionalIO can cause data races
The ImmediateIO and TransactionalIO types implement Sync for all contained Expander types regardless of if the Expander itself is safe to use across threads. As the IO types allow retrieving the Expander, this can lead to non-thread safe types being sent across threads as part of the Expander...
RUSTSEC-2020-0152 ImmediateIO and TransactionalIO can cause data races
The ImmediateIO and TransactionalIO types implement Sync for all contained Expander types regardless of if the Expander itself is safe to use across threads. As the IO types allow retrieving the Expander, this can lead to non-thread safe types being sent across threads as part of the Expander...
kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...
kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
A memory leak flaw was found in the Linux kernel. An error in the resource cleanup of the sasexdiscoverexpander function can allow an attacker to induce error conditions that could crash the system. The highest threat from this vulnerability is to system availability...
kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free
A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...
kernel: Memory leak in drivers/scsi/libsas/sas_expander.c
A memory leak flaw was found in the Linux kernel. An error in the resource cleanup of the sasexdiscoverexpander function can allow an attacker to induce error conditions that could crash the system. The highest threat from this vulnerability is to system availability...
The vulnerability in the `drivers/scsi/libsas/sas_expander.c` component of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability in the drivers/scsi/libsas/sasexpander.c component of the Linux operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a hacker to cause service failures...
CVE-2018-20836
A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5511)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5511 advisory. kernel-uek 3.8.13-118.42.1 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580688 CVE-2019-15807 Tenable has extracted the...
Unbreakable Enterprise kernel security update
2.6.39-400.318.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379640 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580689 CVE-2019-15807...
SQLite WITH Stack Expansion Vulnerability
SQLite is a self-contained, serverless, zero-configuration, transactional SQL database engine. SQLite 3.30.1 suffers from a WITH stack unfolding vulnerability that stems from the fact that selectExpander in select.c in SQLite continues to handle WITH stack unfolding even after a parsing error. No...
PT-2020-10376 · Sqlite +6 · Sqlite +6
Name of the Vulnerable Software and Affected Versions: SQLite version 3.30.1 Description: The issue is related to the selectExpander function in the select.c file of SQLite. This function proceeds with WITH stack unwinding even after a parsing error occurs. Recommendations: For SQLite version...
Linux kernel memory leak vulnerability (CNVD-2019-32349)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A memory disclosure vulnerability exists in the drivers/scsi/libsas/sasexpander.c file in Linux kernel versions prior to 5.1.13. An attacker could exploit this...
CVE-2019-15807
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sasexpander.c when SAS expander discovery fails. This will cause a BUG and denial of service...
DEBIAN-CVE-2019-15807
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sasexpander.c when SAS expander discovery fails. This will cause a BUG and denial of service...
CVE-2019-15807
In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sasexpander.c when SAS expander discovery fails. This will cause a BUG and denial of service...