Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed corruption in the listadd function within lpfcdraintxq. When parsing the txq list in lpfcdraintxq, the driver attempts to pass the requests to the adapter. If this attempt fails, a local “failmsg” string is set...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed a null pointer dereferencing after failing to issue FLOGI and PLOGI commands. If lpfcissueelsflogi fails and returns a non-zero status, the node’s reference count is decremented to trigger the release of the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a hard lockup issue when reading the rxmonitor from debugfs. During I/O operations and simultaneous reads of /sys/kernel/debug/lpfc/fnX/rxmonitor, a hard lockup similar to the call trace below may occur. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat function with FORTIFY support triggers a panic because it assumes that the target buffer will overflow, even though the correct target buffer size is provided. In any case,...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed the deadlock issue in the SCSI I/O completion and abort handling routines. During stress I/O tests with 500+ vports, hard lockup calls were observed. CPU A: - nativequeuedspinlockslowpath+0x192 -...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013490 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic...

SUSE CVE-2022-50827

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfccreateport Commit 5e633302ace1 "scsi: lpfc: vmid: Add support for VMID in mailbox command" introduced allocations for the VMID resources in lpfccreateport after the call to scsihostalloc. Upon...

UBUNTU-CVE-2022-50827

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfccreateport Commit 5e633302ace1 "scsi: lpfc: vmid: Add support for VMID in mailbox command" introduced allocations for the VMID resources in lpfccreateport after the call to scsihostalloc. Upon...

CVE-2022-50827

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfccreateport Commit 5e633302ace1 "scsi: lpfc: vmid: Add support for VMID in mailbox command" introduced allocations for the VMID resources in lpfccreateport after the call to scsihostalloc. Upon...

CVE-2022-50744

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rxmonitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rxmonitor, a hard lockup similar to the call trace below may occur. The spinlockbh in...

CVE-2023-54102 scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...

CVE-2022-50744

Technical details about CVE-2022-50744 are not publicly provided in the supplied connected documents. Monitor SUSE/OpenVAS/PTSecurity feeds for updates and fixes affecting kernel lpfc/rx_monitor and related components.

CVE-2022-50744 scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rxmonitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rxmonitor, a hard lockup similar to the call trace below may occur. The spinlockbh in...

UBUNTU-CVE-2023-53754

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and pciresourcestartpdev, PCI64BITBAR4 returns false, drblregsmemmapp is not remapped. This passes a NULL pointer to iounmap, which can trigger a WARN ...

CVE-2023-53754 scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and pciresourcestartpdev, PCI64BITBAR4 returns false, drblregsmemmapp is not remapped. This passes a NULL pointer to iounmap, which can trigger a WARN ...

Linux Distros Unpatched Vulnerability : CVE-2023-53754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and pciresourcestartpdev, PCI64BITBAR4 returns false, drblregsmemmapp is not...

kernel: scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential use-of-memory issues in devlosstmocallbk. Smatch detected a potential use-of-memory of an ndlp object in devlosstmocallbk during driver unloading or fatal error handling. The issue was fixed by...

EUVD-2022-54708

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix resource leak in lpfcsli4sendseqtoulp If no handler is found in lpfccompleteunsoliocb to match the rctl of a received frame, the frame is dropped and resources are leaked. Fix by returning resources when discardin...

EUVD-2025-26774

Malicious code in bioql PyPI...