64 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: SCSI: PM80XX – Fix for memory leak during rmmod The driver failed to release all memory allocated. This could lead to a memory leak during the removal of the driver. Memory should be properly freed when the module is removed...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsiRemoveHost in pm8001Alloc. Calling scsiRemoveHost before scsiAddHost results in a crash. BUG: Kernel NULL pointer dereferencing, address: 0000000000000108 RIP: 0010: devicedel+0x63/0x440 Call Trace:...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it. The pm8001phycontrol function populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET/PHYHARDRESET, waits for 300 milliseconds, and then...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991185)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991185 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix abort all task initialization In pm80xxsendabortall, the nelem field of the ccb...
SUSE CVE-2025-40118
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
CVE-2025-40118
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
CVE-2025-40118
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
scsi: pm80xx: Set phy->enable_completion only when we wait for it
...
PT-2025-46593
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s SCSI subsystem, specifically within the pm80xx driver. The issue involves an array-index-out-of-bounds condition that occurs during the removal of a...
Linux Distros Unpatched Vulnerability : CVE-2021-47503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsiremovehost in pm8001alloc Calling scsiremovehost before...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...
The vulnerability of the pm80xx kernel component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the pm80xx kernel component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2024-47666
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...
CVE-2024-47666
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...
DEBIAN-CVE-2024-47666
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...
AZL-50749 CVE-2024-47666 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...
UBUNTU-CVE-2024-47666
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...
CVE-2024-47666 scsi: pm80xx: Set phy->enable_completion only when we wait for it
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...
CVE-2024-47666
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy-enablecompletion only when we wait for it pm8001phycontrol populates the enablecompletion pointer with a stack address, sends a PHYLINKRESET / PHYHARDRESET, waits 300 ms, and returns. The problem arises when...