13 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31557
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue...
Linux Distros Unpatched Vulnerability : CVE-2025-39778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmetctrlstateshow The cstsstatenames arra...
Linux Distros Unpatched Vulnerability : CVE-2025-38405
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a...
PT-2025-20354 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been identified in the Linux kernel, specifically in the nvmet component. The issue arises when attempting to enable a port without a configured transport, causing ...
CVE-2023-53116
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointe...
CVE-2023-53116
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointe...
CVE-2023-53116 nvmet: avoid potential UAF in nvmet_req_complete()
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointe...
CVE-2023-53116 nvmet: avoid potential UAF in nvmet_req_complete()
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointe...
CVE-2024-53681
In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmetrootdiscoverynqnstore treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...
CVE-2024-53681
CVE-2024-53681 : In the Linux kernel nvmet subsystem, the code path nvmet_root_discovery_nqn_store mishandled the subsysnqn string as a fixed-size buffer even though it is allocated to the string size. The root cause is buffer overrun risk when the subsysnqn is longer than the old buffer. The fix...
CVE-2024-41079
In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words aka results for the command queue entry need to be set to 0 when they are not used not specified. Though, the target implemention return...
CVE-2021-47130
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing unallocated p2pmem In case p2p device was found but the p2p pool is empty, the nvme target is still trying to free the sgl from the p2p pool instead of the regular sgl pool and causing a crash BUG is called...
CVE-2021-47130
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix freeing unallocated p2pmem In case p2p device was found but the p2p pool is empty, the nvme target is still trying to free the sgl from the p2p pool instead of the regular sgl pool and causing a crash BUG is called...