Lucene search
K

134 matches found

Cvelist
Cvelist
added 2021/08/08 5:11 a.m.26 views

CVE-2020-36472

An issue was discovered in the max7301 crate before 0.2.0 for Rust. The ImmediateIO and TransactionalIO types implement Sync for all Expander types that they contain...

5.7AI score0.00978EPSS
Exploits1References2
CVE
CVE
added 2021/08/08 5:11 a.m.97 views

CVE-2020-36472

CVE-2020-36472 affects the max7301 crate for Rust older than 0.2.0. The ImmediateIO and TransactionalIO types implement Sync for all contained Expander types, which can allow non-thread-safe Expander contents to be shared across threads. This enables data races when IO can retrieve the Expander a...

5.9CVSS5.6AI score0.00978EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2021/01/05 5:12 p.m.4 views

kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free

A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...

9.3CVSS7.1AI score0.05111EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/22 9:43 a.m.4 views

kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free

A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...

9.3CVSS7.1AI score0.05111EPSS
Exploits0References4
RustSec
RustSec
added 2020/12/18 12:0 p.m.23 views

ImmediateIO and TransactionalIO can cause data races

The ImmediateIO and TransactionalIO types implement Sync for all contained Expander types regardless of if the Expander itself is safe to use across threads. As the IO types allow retrieving the Expander, this can lead to non-thread safe types being sent across threads as part of the Expander...

5.9CVSS3.7AI score0.00978EPSS
Exploits1Affected Software1
OSV
OSV
added 2020/12/18 12:0 p.m.28 views

RUSTSEC-2020-0152 ImmediateIO and TransactionalIO can cause data races

The ImmediateIO and TransactionalIO types implement Sync for all contained Expander types regardless of if the Expander itself is safe to use across threads. As the IO types allow retrieving the Expander, this can lead to non-thread safe types being sent across threads as part of the Expander...

5.9CVSS5.6AI score0.00978EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.5 views

kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free

A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...

9.3CVSS7.1AI score0.05111EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.3 views

kernel: Memory leak in drivers/scsi/libsas/sas_expander.c

A memory leak flaw was found in the Linux kernel. An error in the resource cleanup of the sasexdiscoverexpander function can allow an attacker to induce error conditions that could crash the system. The highest threat from this vulnerability is to system availability...

4.7CVSS7.1AI score0.00405EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 7:0 p.m.6 views

kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free

A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...

9.3CVSS7.1AI score0.05111EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/29 7:0 p.m.3 views

kernel: Memory leak in drivers/scsi/libsas/sas_expander.c

A memory leak flaw was found in the Linux kernel. An error in the resource cleanup of the sasexdiscoverexpander function can allow an attacker to induce error conditions that could crash the system. The highest threat from this vulnerability is to system availability...

4.7CVSS7.1AI score0.00405EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/05/29 12:0 a.m.5 views

The vulnerability in the `drivers/scsi/libsas/sas_expander.c` component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability in the drivers/scsi/libsas/sasexpander.c component of the Linux operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a hacker to cause service failures...

4.7CVSS6.5AI score0.00405EPSS
Exploits0References19Affected Software8
RedhatCVE
RedhatCVE
added 2020/01/25 10:11 p.m.38 views

CVE-2018-20836

A flaw was found in the Linux kernel’s implementation of the SAS expander subsystem, where a race condition exists in the smptasktimedout and smptaskdone in drivers/scsi/libsas/sasexpander.c. An attacker could abuse this flaw to corrupt memory and escalate privileges...

9.3CVSS3.1AI score0.05111EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/01/16 12:0 a.m.49 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5511)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5511 advisory. kernel-uek 3.8.13-118.42.1 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580688 CVE-2019-15807 Tenable has extracted the...

4.7CVSS6.7AI score0.00405EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2020/01/15 12:0 a.m.100 views

Unbreakable Enterprise kernel security update

2.6.39-400.318.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379640 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580689 CVE-2019-15807...

4.7CVSS1.7AI score0.00405EPSS
Exploits0
CNVD
CNVD
added 2020/01/02 12:0 a.m.1 views

SQLite WITH Stack Expansion Vulnerability

SQLite is a self-contained, serverless, zero-configuration, transactional SQL database engine. SQLite 3.30.1 suffers from a WITH stack unfolding vulnerability that stems from the fact that selectExpander in select.c in SQLite continues to handle WITH stack unfolding even after a parsing error. No...

7.5CVSS8.9AI score0.03622EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/01/02 12:0 a.m.9 views

PT-2020-10376 · Sqlite +6 · Sqlite +6

Name of the Vulnerable Software and Affected Versions: SQLite version 3.30.1 Description: The issue is related to the selectExpander function in the select.c file of SQLite. This function proceeds with WITH stack unwinding even after a parsing error occurs. Recommendations: For SQLite version...

9.8CVSS7.4AI score0.45426EPSS
Exploits8References216
CNVD
CNVD
added 2019/08/30 12:0 a.m.1 views

Linux kernel memory leak vulnerability (CNVD-2019-32349)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A memory disclosure vulnerability exists in the drivers/scsi/libsas/sasexpander.c file in Linux kernel versions prior to 5.1.13. An attacker could exploit this...

4.7CVSS7.2AI score0.00405EPSS
Exploits0References1
OSV
OSV
added 2019/08/29 6:15 p.m.5 views

CVE-2019-15807

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sasexpander.c when SAS expander discovery fails. This will cause a BUG and denial of service...

4.7CVSS8AI score
Exploits0References7
OSV
OSV
added 2019/08/29 6:15 p.m.2 views

DEBIAN-CVE-2019-15807

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sasexpander.c when SAS expander discovery fails. This will cause a BUG and denial of service...

4.7CVSS6.3AI score0.00405EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/08/29 6:15 p.m.33 views

CVE-2019-15807

In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sasexpander.c when SAS expander discovery fails. This will cause a BUG and denial of service...

4.7CVSS6.7AI score0.00405EPSS
Exploits0References4
Rows per page
Query Builder