Linux Distros Unpatched Vulnerability : CVE-2026-46105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver...

CVE-2026-46105

A flaw was found in the mpt3sas driver within the Linux kernel. This vulnerability allows for oversized Non-Volatile Memory Express NVMe input/output I/O operations due to improper size limitations. An attacker or a malicious NVMe device could exploit this by issuing I/O requests that exceed the...

UBUNTU-CVE-2026-46105

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...

CVE-2026-46105 scsi: mpt3sas: Limit NVMe request size to 2 MiB

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...

CVE-2026-46105

CVE-2026-46105 affects the Linux kernel mpt3sas SCSI driver. The driver allocates a fixed 4K PRP list buffer, which caps the maximum NVMe I/O transfer size at 2 MiB. The HBA firmware reports NVMe MDTS, but the mismatch with the 2 MiB limit can lead to oversized I/O requests and potentially a kern...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper limit on NVMe request sizes in the mpt3sas driver. This vulnerability may lead to...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Fixed a memory leak Added a forgotten kfree function...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid using test/setbit operations on non-allocated memory. There is a potential for out-of-bounds access when using testbit on a single word. The testbit and setbit functions operate on long values, and when testi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Page fault in reply Q processing A page fault was encountered in mpt3sas on a LUN reset error path: 145.763216 mpt3sascm1: Task abort tm failed: handle0x0002, timeout30 trmethod0x0 smid3 msixindex0 145.778932 sc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed the use of memory after freeing it in scsihexpandernoderemove. The function mpt3sastransportportremove called in scsihexpandernoderemove frees the port field of the sasexpander structure. This leads to a...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed a crash that occurred during the transportportremove function, by using iocinfo. During this function, messages were logged via devprintk against &mpt3sasport-port-dev. At this point, the SAS transport device...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Fixed the use-after-free warning. The following use-after-free warnings, which were observed during controller reset, have also been fixed: refcountt: Underflow; use-after-free. WARNING: CPU: 23 PID: 5399 at...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed NULL pointer access in mpt3sastransportportadd The port is allocated using sasportallocnum, and rphy is allocated either through sasenddevicealloc or sasexpanderalloc. Both of these functions may return NULL...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: A kernel panic occurred during the drive powercycle test. While iterating through Shost’s sdev list, it is possible that one of the drives is being removed, and its sastarget object is freed, but its sdev object...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021591 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree. Tenable has extracted the preceding...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021550 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006942 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree. Tenable has extracted the preceding...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006918)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006918 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010966 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree. Tenable has extracted the preceding...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011261)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011261 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix crash in transport port remove by using iocinfo During...