Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function directly invokes sprintf on a user pointer, resulting in a crash. To fix this issue, use a small local stack buffer for sprintf, and...

SUSE CVE-2023-54100

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

Linux Distros Unpatched Vulnerability : CVE-2023-54100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and...

CVE-2023-54100

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

UBUNTU-CVE-2023-54100

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qediremove In qediprobe we call qediprobe which initializes &qedi-recoverywork with qedirecoveryhandler and &qedi-boarddisablework with qediboarddisablework. When qedischedulerecoveryhandler ...

CVE-2023-54100

The CVE-2023-54100 entry describes a Linux kernel use-after-free in the qedi driver during removal. The bug stems from __qedi_remove() not ensuring recovery_work and board_disable_work are finished before cleanup, leaving scheduled work active during removal. The published fix cancels recovery_wo...

kernel: scsi: qedi: Fix crash while reading debugfs attribute

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...

kernel: scsi: qedi: Fix crash while reading debugfs attribute

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...

kernel: scsi: qedi: Fix use after free bug in qedi_remove()

A use-after-free vulnerability was found in the Linux kernel's QLogic qedi iSCSI driver. When the driver is removed via qediremove, the SCSI host structure may be freed while recoverywork or boarddisablework are still running. The work handlers then access the freed qedi-shost structure, causing ...

PT-2025-53177

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the qedi driver within the Linux kernel. The issue occurs in the qedi remove function, potentially triggered by concurrent execution of qedi recovery...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free in clsroute filter implementation may lead to privilege escalation CVE-2022-2588 Information leak in scsiioctl CVE-2022-0494 A kernel-info-leak issue in pfkeyregister CVE-2022-13...