CVE-2026-43413

A flaw was found in the Linux kernel's hisisas component. A local user can trigger a NULL pointer dereference by attempting to scan an unsupported channel through the userscan function. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS...

CVE-2026-43413

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...

CVE-2026-43413

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the hisisas driver’s improper handling of single-channel scenarios during the userscan...

Linux Distros Unpatched Vulnerability : CVE-2026-43413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010910)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010910 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Grab sasdev lock when traversing the members of sasdev.list When freeing slots in...

EUVD-2022-55096

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq, and this will cause a kernel BUG like...

SUSE CVE-2023-53627

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Grab sasdev lock when traversing the members of sasdev.list When freeing slots in function slotcompletev3hw, it is possible that sasdev.list is being traversed elsewhere, and it may trigger a NULL pointer exception...

EUVD-2024-53236

Malicious code in bioql PyPI...

UBUNTU-CVE-2022-49118

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, the driver will free the IRQ vectors before freeing the IRQs in freeirq, and this will cause a kernel BUG like...

CVE-2024-56588 scsi: hisi_sas: Create all dump files during debugfs initialization

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Create all dump files during debugfs initialization For the current debugfs of hisisas, after user triggers dump, the driver allocate memory space to save the register information and create debugfs files to displa...

CVE-2024-56588

CVE-2024-56588 (Linux kernel) affects the hisi_sas driver. The issue arises when dump files are created on the fly during debugfs dump, which leads to a NULL pointer dereference and kernel hang if the driver is unbound while dumping. The root cause is allocating memory and creating debugfs entrie...

CVE-2024-56589

CVE-2024-56589 affects the Linux kernel’s scsi/hisi_sas path, where on no-forced preemption kernels an expander connected to 12 SAS SSDs could trigger a watchdog soft lockup due to interrupt handling on a single CPU. The provided details confirm the vulnerability’s root cause as a missing cond_re...

CVE-2024-56588 scsi: hisi_sas: Create all dump files during debugfs initialization

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Create all dump files during debugfs initialization For the current debugfs of hisisas, after user triggers dump, the driver allocate memory space to save the register information and create debugfs files to displa...

CVE-2024-56589

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Add condresched for no forced preemption model For no forced preemption model kernel, in the scenario where the expander is connected to 12 high performance SAS SSDs, the following call trace may occur: 214.409199...

The vulnerability of the hisi_sas component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the hisisas component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE CVE-2023-52808

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Set debugfsdir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfsremoverecursive is called, after which debugfsdir is not set to NULL...

CVE-2023-52808

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Set debugfsdir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfsremoverecursive is called, after which debugfsdir is not set to NULL...

DEBIAN-CVE-2023-52808

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Set debugfsdir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfsremoverecursive is called, after which debugfsdir is not set to NULL...

CVE-2023-52808 scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs

In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Set debugfsdir pointer to NULL after removing debugfs If init debugfs failed during device registration due to memory allocation failure, debugfsremoverecursive is called, after which debugfsdir is not set to NULL...