5 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: A UAF use-after-free error occurs during login when accessing the host’s IP address. If the iscsitcpr2tpoolalloc function fails during iscsiswtcpsessioncreate, the user space may access the host’s IP address. If t...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989444)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989444 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during...
DEBIAN-CVE-2023-52974
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...
kernel: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
A vulnerability was found in the Linux kernel's iscsi tcp drivers. Improper resource allocation management can lead to a use-after-free scenario, triggered when the userspace attempts to access the session host's ipaddress attribute while the kernel is performing a session teardown via...