131 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-71111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving...
CVE-2025-68818
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
CVE-2025-68818
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
UBUNTU-CVE-2025-68818
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
CVE-2025-68818
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
CVE-2025-68818
CVE-2025-68818 is a Linux kernel scsi issue in qla2xxx: an abort-path lockless path (in __qla2x00_abort_all_cmds) could call sp->done() without holding a spinlock and mishandle sp->cmd_type, leading to a NULL dereference in target-mode. The problem was introduced by a revert of a commit tha...
CVE-2025-68818 scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
CVE-2025-68818
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
CVE-2025-68818 scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...
PT-2026-2550
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.133 Description The Linux kernel contained a flaw related to SCSI operations and the qla2xxx driver. A reverted commit introduced a condition where code within qla2x00 abort all cmds could call a function...
PT-2026-27705
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the networking subsystem related to traffic queue management. Specifically, a race condition can occur between qdisc reset all tx gt and the dequeue...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993028)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993028 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tunnels: annotate lockless accesses to dev-neededheadroom IP tunnels can apparently update...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993303)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993303 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Perform lockless command completion in abort path While adding and removing the...
EUVD-2023-60512
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqprequest-requestdone memory location which is accessed locklessly in irdmahandlecqpop while being updated in irdmacqpcehandler. Annotate lockless intent...
EUVD-2022-55882
In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug in ip6gre tunnel dev:ip6gretap0 Since ipv6 mcast code makes sure to read dev-mtu once and applies a sanity check on it see commit...
CVE-2023-54292
CVE-2023-54292: In the Linux kernel, a data race was fixed in RDMA/irdma handling of CQP requests. KCSAN showed a race on cqp_request->request_done; the fix annotates lockless access with READ_ONCE/WRITE_ONCE to avoid compiler optimizations and warnings. Public details in the initial descripti...
CVE-2023-54292 RDMA/irdma: Fix data race on CQP request done
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqprequest-requestdone memory location which is accessed locklessly in irdmahandlecqpop while being updated in irdmacqpcehandler. Annotate lockless intent...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992259)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992259 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Perform lockless command completion in abort path While adding and removing the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992682)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992682 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tunnels: annotate lockless accesses to dev-neededheadroom IP tunnels can apparently update...
DEBIAN-CVE-2023-53824
In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk-maxrecvmsglen syzbot reported a data-race in data-race in netlinkrecvmsg 1 Indeed, netlinkrecvmsg can be run concurrently, and netlinkdump also needs protection. 1 BUG: KCSAN: data-race ...