502 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A NULL pointer dereferencing occurred after calling stargettorport. Calls to stargettorport may return NULL. Add a check for NULL rport before dereferencing...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat function with FORTIFY support triggers a panic because it assumes that the target buffer will overflow, even though the correct target buffer size is provided. In any case,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure that the DAID handling is completed before deleting an NPIV instance. Deleting an NPIV instance requires that all fabric ndlps be released before the resources of the NPIV can be destroyed. Failure to release t...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed issues with ioremap in lpfcsli4pcimemsetup. When iftype equals zero and pciresourcestartpdev, PCI64BITBAR4 returns false, drbl regsmemmapp is not remapped. This passes a NULL pointer to iounmap, which can...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hexadecimal numbers or similar elements. However,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a hard lockup issue when reading the rxmonitor from debugfs. During I/O operations and simultaneous reads of /sys/kernel/debug/lpfc/fnX/rxmonitor, a hard lockup similar to the call trace below may occur. The...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed corruption in the listadd function within lpfcdraintxq. When parsing the txq list in lpfcdraintxq, the driver attempts to pass the requests to the adapter. If this attempt fails, a local “failmsg” string is set...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move the cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 using LOGTRACEEVENT, the following hard lockup occurred, causing the system to hang. Call Trace: rawspinlockirqsave+0x32/0x40...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a use-after-free issue related to KFENCE violations during the sysfs firmware write process. During the sysfs firmware write process, a use-after-free read warning was logged from the lpfcwrobject routine: BUG:...
K000161576: Linux kernel vulnerabilities CVE-2025-39841 and CVE-2025-39727
Security Advisory Description CVE-2025-39841 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a possible memory leak in lpfcrcvpadisc The call to lpfcsli4resumerpi in lpfcrcvpadisc may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion function is not called, and thus...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed the call trace observed during I/O with CMF enabled. The following issue was observed with CMF enabled: BUG: Using smpprocessorid in a preemptible context. Code: systemd-udevd/31711 Kernel: Caller is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A memory leak was fixed in lpfccreateport. The commit 5e633302ace1 “scsi: lpfc: vmid: Added support for VMID in the mailbox command” introduced allocations for the VMID resources in lpfccreateport after the call to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed a null pointer dereferencing after failing to issue FLOGI and PLOGI commands. If lpfcissueelsflogi fails and returns a non-zero status, the node’s reference count is decremented to trigger the release of the...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013490)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013490 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011371)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011371 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011415)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011415 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013028)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013028 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007586)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007586 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after...