33 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixed the kernel crash if command allocation fails. If command allocation fails in nvmettcpalloccmds, the kernel crashes in nvmettcpreleasequeuework due to a NULL pointer dereferencing. In nvmet, it was unable to handl...
EUVD-2026-25450
In the Linux kernel, the following vulnerability has been resolved: nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue completion for the same worker:- A. Async event work queued on...
CVE-2026-4652
On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...
CVE-2026-4652
On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993260)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993260 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992701)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992701 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation...
EUVD-2025-8480
Malicious code in bioql PyPI...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nvmet pci-epf potentially double-completing commands when nvmetreqinit fails...
Linux Distros Unpatched Vulnerability : CVE-2025-21885
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxt...
DEBIAN-CVE-2025-38035
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
DEBIAN-CVE-2023-53116
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointe...
AZL-69015 CVE-2025-21885 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
AZL-62687 CVE-2025-21885 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
UBUNTU-CVE-2025-21885
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
CVE-2025-21885 RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix the page details for the srq created by kernel consumers While using nvme target with usesrq on, below kernel panic is noticed. 549.698111 bnxten 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91...
SUSE CVE-2024-53681
In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmetrootdiscoverynqnstore treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...
DEBIAN-CVE-2021-47130
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing unallocated p2pmem In case p2p device was found but the p2p pool is empty, the nvme target is still trying to free the sgl from the p2p pool instead of the regular sgl pool and causing a crash BUG is called...
kernel: use after free in nvmet_tcp_free_crypto in NVMe
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead t...
kernel: use after free in nvmet_tcp_free_crypto in NVMe
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmettcpfreecrypto due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead t...