ROS-20260403-73-0035

A vulnerability in the scsi/libiscsi.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to gain access to confidential data, violate its integrity, and cause denial of service...

virt:ol and virt-devel:ol security update

hivex 1.3.18-23 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport 8.10-1 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi...

virt:ol and virt-devel:ol security and bug fix update

hivex libguestfs libguestfs-winsupport 8.8-2 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236373 libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-33 - CVE-2023-3354 QEMU: VNC: improper I/O watch removal in TLS handshak...

DEBIAN-CVE-2025-38700

In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsiconn-dddata only if memory is allocated In case of an ibfastregmr allocation failure during iSER setup, the machine hits a panic because iscsiconn-dddata is initialized unconditionally, even when n...

UBUNTU-CVE-2025-38700

In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsiconn-dddata only if memory is allocated In case of an ibfastregmr allocation failure during iSER setup, the machine hits a panic because iscsiconn-dddata is initialized unconditionally, even when n...

CVE-2025-38700 scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated

In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsiconn-dddata only if memory is allocated In case of an ibfastregmr allocation failure during iSER setup, the machine hits a panic because iscsiconn-dddata is initialized unconditionally, even when n...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from libiscsi not properly initializing the dddata pointer...

PT-2025-35973

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the libiscsi component. Specifically, the iscsi conn-dd data field is initialized regardless of whether memory allocation succeeds. If ib fast reg...

rhel bug fix and enhancement update

An update is available for libnbd, qemu-kvm, module.libvirt-python, module.swtpm, module.supermin, libvirt, module.qemu-kvm, module.sgabios, module.nbdkit, swtpm, libtpms, libguestfs, seabios, sgabios, module.libguestfs-winsupport, module.libguestfs, netcf, module.perl-Sys-Virt, module.virt-v2v,...

virt:kvm_utils3 security update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport libiscsi libnbd 1.6.0-6.el8 - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 1.6.0-5.el8 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or wri...

virt:kvm_utils3 security update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol libguestfs-winsupport...

virt:rhel and virt-devel:rhel security and bug fix update

An update is available for libnbd, qemu-kvm, module.libvirt-python, module.swtpm, module.supermin, libvirt, module.qemu-kvm, module.sgabios, module.nbdkit, swtpm, libtpms, libguestfs, seabios, sgabios, module.libguestfs-winsupport, module.libguestfs, netcf, module.perl-Sys-Virt, module.virt-v2v,...

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-4351)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4351 advisory. hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps f...

virt:ol and virt-devel:rhel security and bug fix update

hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-23.2 - util: Fix error return for virProcessKillPainfullyDelay RHEL-36064 - rpc: ensure...

virt:kvm_utils1 security update

hivex libguestfs libguestfs-winsupport libiscsi libnbd libvirt 5.7.0-42 - Document CVEs as fixed Karl Heubaum CVE-2023-2700 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364474 CVE-2024-1441 - libvirt- : Check caller-provided buffers to be NULL with size 0 Erik...

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-3253)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3253 advisory. - remote: check for negative array lengths before allocation CVE-2024-2494 libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm - Resolves: RHEL-1962...

virt:ol and virt-devel:rhel security update

hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.1.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-23.1.el8 - remote: check for negative array lengths before allocation CVE-2024-2494...

virt:ol and virt-devel:rhel security and enhancement update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix...

CVE-2021-47290 scsi: target: Fix NULL dereference on XCOPY completion

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 "scsi: target: core: Make completion affinity configurable" makes targetcompletecmd queue work on a CPU based on...

virt:ol and virt-devel:rhel security, bug fix, and enhancement update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix...