67 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then wi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Page fault in reply Q processing A page fault was encountered in mpt3sas on a LUN reset error path: 145.763216 mpt3sascm1: Task abort tm failed: handle0x0002, timeout30 trmethod0x0 smid3 msixindex0 145.778932 sc...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: The “Drain commands” step in the targetreset handler is incorrect. The tcmlooptargetreset function violates the SCSI EH contract: it returns SUCCESS without draining any ongoing commands. The SCSI EH...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUNRESET handling This fix addresses a bug where the initiator assumes that a LUNRESET has cleaned up running commands, when in fact it hasn’t. The bug was introduced in commit 51ec502a3266 “target:...
SUSE CVE-2026-43054
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...
CVE-2026-43054
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...
CVE-2026-43054
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...
CVE-2026-43054
CVE-2026-43054 concerns the Linux kernel SCSI target core (tcm_loop). The vulnerability stems from tcm_loop_target_reset() not draining in-flight commands, which can cause SCSI EH to reuse in-flight scsi_cmnd structures and leak LUN references, potentially hanging configfs LUN unlink. The fix dra...
CVE-2026-43054 scsi: target: tcm_loop: Drain commands in target_reset handler
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...
EUVD-2026-26653
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004872)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004872 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is...
UBUNTU-CVE-2025-68371
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading...
CVE-2025-68371
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading...
CVE-2025-68371 scsi: smartpqi: Fix device resources accessed after device removal
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading...
PT-2025-52907
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A race condition exists in the SmartPQI SCSI driver within the Linux kernel during device removal. Specifically, a scheduled work item to reset a LUN could execute after the device was...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989413)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989413 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Page fault in reply q processing A page fault was encountered in mpt3sas on a LUN...
EUVD-2023-60022
In the Linux kernel, the following vulnerability has been resolved: mm/vmemmap/devdax: fix kernel crash when probing devdax devices commit 4917f55b4ef9 "mm/sparse-vmemmap: improve memory savings for compound devmaps" added support for using optimized vmmemap for devdax devices. But how vmemmap...
Linux Distros Unpatched Vulnerability : CVE-2023-53586
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: Fix multiple LUNRESET handling This fixes a bug where an initiator thinks a LUNRESET has cleaned up running commands when it hasn't. The bug was...
SUSE CVE-2023-53586
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUNRESET handling This fixes a bug where an initiator thinks a LUNRESET has cleaned up running commands when it hasn't. The bug was added in commit 51ec502a3266 "target: Delete tmr from list before...
CVE-2023-53586
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUNRESET handling This fixes a bug where an initiator thinks a LUNRESET has cleaned up running commands when it hasn't. The bug was added in commit 51ec502a3266 "target: Delete tmr from list before...