24 matches found
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Commands from recovery entries are freed after a session is closed. This leads to a use-after-free error when freeing commands, or a NPE Non-Programmable Error. The call trace is as follows: Time2Retain time...
RHEL 9 : kernel-rt (RHSA-2026:14301)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14301 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...
RHEL 8 : kernel (RHSA-2026:14165)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14165 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix...
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...
RHEL 10 : kernel (RHSA-2026:9095)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9095 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Servi...
MiracleLinux 8 : kernel-4.18.0-553.117.1.el8_10 (AXSA:2026-414:26)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-414:26 advisory. kernel: nouveau: fix instmem race condition around ptr stores CVE-2024-26984 kernel: scsi: target: iscsi: Fix use-after-free in...
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...
RHEL 8 : kernel-rt (RHSA-2026:6572)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6572 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
MiracleLinux 9 : kernel-5.14.0-611.45.1.el9_7 (AXSA:2026-409:25)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-409:25 advisory. kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: drm/sched: Fix potential double free in...
SUSE CVE-2026-23216
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount In iscsitdecconnusagecount, the function calls complete while holding the conn-connusagelock. As soon as complete is invoked, the waiter such as...
CVE-2026-23216
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount In iscsitdecconnusagecount, the function calls complete while holding the conn-connusagelock. As soon as complete is invoked, the waiter such as...
UBUNTU-CVE-2026-23216
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount In iscsitdecconnusagecount, the function calls complete while holding the conn-connusagelock. As soon as complete is invoked, the waiter such as...
CVE-2026-23216
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount In iscsitdecconnusagecount, the function calls complete while holding the conn-connusagelock. As soon as complete is invoked, the waiter such as...
CVE-2026-23193
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...
EUVD-2023-60457
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain timer expired for...
CVE-2023-54184 scsi: target: iscsit: Free cmds before session free
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain timer expired for...
PT-2025-54013
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the SCSI target iSCSI implementation. Specifically, commands from recovery entries are freed after the session has been closed, leading to a...
SUSE CVE-2023-54154
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter is never freed, resulting in leaks across various transport types, e.g.: unreferenced object 0xffff88801f920120 size 96...