376 matches found
kernel: scsi: qla2xxx: Completely fix fcport double free
A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...
kernel: scsi: qla2xxx: Completely fix fcport double free
A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...
kernel: scsi: qla2xxx: Completely fix fcport double free
A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: ibmvfc: Queue resources are allocated/free only during probe/remove operations. Currently, sub-queues and event pool resources are allocated/free for every CRQ connection event, such as reset and LPM. This exposes the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: The BUGON flag has been removed when the event pool is empty. In practice, the driver should never send more commands than are allocated to the event pool. If this happens, the code will assert the BUGON flag. In th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a resource leak in lpfcsli4sendseqtoulp. If no handler is found in lpfccompleteunsoliocb that matches the recipient of a received frame, the frame is discarded, and resources may be leaked. This issue was...
CVE-2026-45977
A flaw was found in the Linux kernel's fbnic Fibre Channel over Ethernet Network Interface Card driver. A race condition exists in the handling of firmware logs, where the log can be freed while still being accessed. This can lead to a use-after-free vulnerability, potentially allowing an attacke...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them as SCSI devices in a guest VM. I/O operations to the vFC device are...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qedf: Add stagwork to all the vports A call trace was observed when creating NPIV ports. Only 32 out of 64 ports are shown as online. The stagwork was not initialized for the vports; therefore, it needs to be initialized...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoiding deadlock on the delete association path When deleting an association, the shutdown path may lead to a deadlock. This occurs because we try to flush the nvmetwq nested queue. To avoid this deadlock, defer the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: fcoe: Fix potential deadlock on &fip-ctlrlock”. This revertment is associated with the commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, as it change...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The issue of double-free of the fcport has been completely fixed. In the function qla24xxelsdcmdiocb, sp-free is set to qla2x00elsdcmdspfree. When an error occurs, this function is called by qla2x00sprelease, where...
CVE-2026-43414
A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...
CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
Linux Distros Unpatched Vulnerability : CVE-2026-43414
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by...
EUVD-2026-26319
FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()
...
CVE-2026-31464
A flaw was found in the Linux kernel's scsi: ibmvfc driver. A malicious or compromised Virtual I/O VIO server can exploit this by sending a crafted response during target discovery. This response can cause an out-of-bounds memory access, leading to the disclosure of sensitive kernel memory...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007314)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007314 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-fc: do not wait in vain when unloading module The module exit path has race between deleting...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007611)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007611 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down...