49 matches found
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: A UAF use-after-free error occurs during login when accessing the host’s IP address. If the iscsitcpr2tpoolalloc function fails during iscsiswtcpsessioncreate, the user space may access the host’s IP address. If t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: iscsi: iscsitcp: Fixed a NULL pointer dereferencing issue when calling getpeername. A crash due to a NULL pointer occurred when freeing a socket at the same time as accessing it via sysfs. The issues are as follows: 1...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: It is necessary to check that sock is valid before assigning it to iscsisetparam. The validity of sock should be checked before assigning it to prevent incorrect values. The change introduced in commit 57569c37f0a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005637)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005637 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989444)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989444 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during...
Linux Distros Unpatched Vulnerability : CVE-2022-50459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr- deref while calling getpeername Fix a NULL pointer cras...
Linux Distros Unpatched Vulnerability : CVE-2023-53464
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be...
SUSE CVE-2022-50459
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
CVE-2022-50459
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
UBUNTU-CVE-2022-50459
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
CVE-2022-50459 scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
CVE-2022-50459 scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysfs. The problem is that: 1. iscsiswtcpconngetparam and...
Linux Distros Unpatched Vulnerability : CVE-2023-52975
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and...
UBUNTU-CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
CVE-2023-52974 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...
CVE-2023-52974 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during iscsiswtcpsessioncreate iscsitcpr2tpoolalloc fails, userspace could be accessing the host's ipaddress attr. If we then free the session via...
kernel: UAF during login when accessing the shost ipaddress
A use-after-free flaw was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information...
kernel: UAF during login when accessing the shost ipaddress
A use-after-free flaw was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information...
kernel: UAF during login when accessing the shost ipaddress
A use-after-free flaw was found in iscsiswtcpsessioncreate in drivers/scsi/iscsitcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information...
kernel: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
A vulnerability was found in the Linux kernel's iscsi tcp drivers. Improper resource allocation management can lead to a use-after-free scenario, triggered when the userspace attempts to access the session host's ipaddress attribute while the kernel is performing a session teardown via...