Lucene search
K

125 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvme-tcp: sanitize request list handling Validate the request in nvmetcphandler2t to ensure it's not part of any list, otherwise a malicious R2T PDU might injec...

5.5CVSS6.5AI score0.00136EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.7 views

nvme-rdma: unquiesce admin_q before destroy it

...

5.7CVSS7AI score0.00373EPSS
Exploits0
CNNVD
CNNVD
added 2025/07/09 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nvme-tcp unvalidated request lists, which could lead to a request processing loop...

5.5CVSS6.4AI score0.00136EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.6 views

Vulnerabilities of components such as drivers, NVMe, and host kernels of the Linux operating system, which allow attackers to cause service failures

The vulnerability of components such as drivers, NVMe, and host kernels in the Linux operating system is related to errors during thread blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00235EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.5 views

The vulnerability of the `nvme_loop_create_ctrl()` function in the drivers/nvme/target/loop.c module of the Linux operating system allows a hacker to gain access to protected information.

The vulnerability of the nvmeloopcreatectrl function in the drivers/nvme/target/loop.c module of the Linux operating system is related to improper memory release before deleting the last reference „memory leak“. Exploiting this vulnerability may allow an attacker to access protected information...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References12Affected Software1
Amazon
Amazon
added 2025/06/10 12:0 a.m.2 views

Important: kernel-livepatch-6.1.134-152.225

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu CVE-2025-21927 Affected Packages: kernel-livepatch-6.1.134-152.225 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS7.8AI score0.00209EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/04 12:0 a.m.5 views

The vulnerability in the `drivers/nvme/host/rdma.c` driver of the Linux operating system’s NVMe kernel allows a hacker to cause a service failure.

The vulnerability in the drivers/nvme/host/rdma.c file of the Linux operating system’s NVMe kernel driver is related to insufficient handling of exception states. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.7CVSS6.8AI score0.00373EPSS
Exploits0References8Affected Software5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: nvme-rdma: unquiesce admin_q before destroy it

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: unquiesce adminq before destroy it Kernel will hang on destroy adminq while we create ctrl failed, such as following calltrace: PID: 23644 TASK: ff2d52b40f439fc0 CPU: 2 COMMAND: "nvme" 0 ff61d23de260fb78 schedule at...

5.7CVSS6.8AI score0.00373EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/04/03 12:0 a.m.6 views

The vulnerability of the nvme_stop_ctrl() function in the Linux kernel driver for NVME support allows a attacker to cause a service failure.

The vulnerability of the nvmestopctrl function in the Linux kernel driver for NVME storage devices is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.0018EPSS
Exploits0References6Affected Software1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: deferring partition scanning. We need to prevent the partition scanning from occurring within the controller’s scanwork context. If a path error occurs here, I/O operations will wait until a path becomes available...

5.5CVSS6.2AI score0.00235EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.9 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fixed the issue of freeing the HMB descriptor table. The HMB descriptor table is sized based on the maximum number of descriptors that can be used for a given device. However, nvmeallochostmem might break out of the loo...

5.5CVSS6.2AI score0.00213EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.7 views

nvme-multipath: defer partition scanning

...

5.5CVSS7.1AI score0.00235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.4 views

nvme: tcp: avoid race between queue_lock lock and destroy

...

4.7CVSS6.6AI score0.00161EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/01/10 12:21 a.m.4 views

SUSE CVE-2024-56632

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix the memleak while create new ctrl failed Now while we create new ctrl failed, we have not free the tagset occupied by adminq, here try to fix it...

5.5CVSS7.8AI score0.00209EPSS
Exploits0References13
OSV
OSV
added 2024/12/29 12:15 p.m.2 views

UBUNTU-CVE-2024-56756

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but nvmeallochostmem could break out of the loop earlier on memory...

5.5CVSS6.1AI score0.00213EPSS
Exploits0References50
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.7 views

The vulnerability of the nvme_rdma_free_queue() function in the Linux operating system’s NVMe driver allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the nvmerdmafreequeue function in the drivers/nvme/host/rdma.c file of the Linux NVMe kernel driver is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibilit...

10CVSS6.5AI score0.01166EPSS
Exploits0References9Affected Software3
RedHat Linux
RedHat Linux
added 2024/11/26 12:55 a.m.3 views

kernel: nvme-tcp: fix UAF when detecting digest errors

A use-after-free vulnerability was found in the Linux kernel in drivers/nvme/host/tcp.c in nvmetcpiowork. This issue can occur when a local user continues to read data after the connection finishes. This flaw allows a malicious user to cause a use-after-free problem...

7.8CVSS7.2AI score0.0025EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/25 12:0 a.m.6 views

PT-2024-35566 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.65 Description: The issue arises from the nvme keep-alive operation, which could potentially cause a race between the fabric controller admin queue destroy code path and the hw/hctx queue dispatcher. This ra...

6.8AI score
Exploits0References21
SUSE CVE
SUSE CVE
added 2024/11/06 3:48 a.m.4 views

SUSE CVE-2024-50135

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvmedevdisable nvmedevdisable modifies the dev-onlinequeues field, therefore nvmepciupdatenrqueues should avoid racing against it, otherwise we could end up passing invalid values to...

6.3CVSS7.6AI score0.00165EPSS
Exploits0References20
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.5 views

The vulnerability of the nvme_directive_receive() function in the NVMe emulator virtual device of the QEMU hardware infrastructure, which allows a hacker to trigger a service failure.

The vulnerability of the nvmedirectivereceive function in the NVMe virtual device emulator for QEMU hardware infrastructure is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.5CVSS6.4AI score0.00392EPSS
Exploits1References9Affected Software2
Rows per page
Query Builder