759 matches found
kernel: scsi: qla2xxx: Completely fix fcport double free
A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Oracle Linux 9 : kernel (ELSA-2026-27789)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...
RockyLinux 9 : kernel (RLSA-2026:27789)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27789 advisory. kernel: can: isotp: fix tx.buf use-after-free in isotpsendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in inetlookupestablished...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: qla2xxx: Perform lockless command completion in abort path”. This revertment is associated with commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The committed code added code to qla2x00abortallcmds to call...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The payload size has been sanitized to prevent member overflow. In functions qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by the firmware is used to calculate the copy length for the...
kernel: scsi: qla2xxx: Completely fix fcport double free
A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fix command flush on cable pull The system crashed due to a command failing to be flushed back to the SCSI layer. BUG: Unable to handle a NULL pointer dereferencing in the kernel at 0000000000000000 PGD 0 P4D 0...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred when I/O abort times out. During CPU hotplug, a crash was observed with the following stack: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: A memory leak was fixed in the error path of qla2x00processels. The commit number is 8c0eb596baa5 “SCSI qla2xxx: Fix a memory leak in an error path of qla2x00processels”. The intended changes were to modify the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid dereferencing the fcport pointer. Klocwork reported a warning that a NULL pointer might be dereferenced. The routine exits when saCTL is NULL and fcport is allocated after the exit call. This causes the NULL...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check whether the returned RPORT is valid. Klocwork reported a warning that the RPORT might be NULL and would be dereferenced. The RPORT returned by the call to fcbsgtorport could be NULL and would be dereferenced...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fixed the DMA-API call trace for NVMe LS requests. The following message and call trace were observed with debug kernels: DMA-API: qla2xxx 0000:41:00.0: The device driver failed to check the map error device...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid. The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: controller connect complete localhost kernel: BUG: Using smpprocessorid in preemptible...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixing the deletion race condition A system crash occurs when using the debug kernel due to corruption of the link list. The cause of the link list corruption is that session deletion was allowed to be queued...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: SCSI: QLA2XXX – Array index may go out of bound Klocwork reports that the array “vha-hoststr” of size 16 may use index values 16–19. It is recommended to use snprintf instead of sprintf...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qlt24xxhandleabts The commit 8f394da36a36 “scsi: qla2xxx: Drop TARGETSCFLOOKUPLUNFROMTAG” caused the qlt24xxhandleabts function to return early if tcmqla2xxxfindcmdbytag failed to find a command...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: A mistake of “one” was corrected in qlaedifappgetstats. The appreply-elem array is allocated earlier in this function, and it contains appreq.numports elements. Therefore, the comparison operator needs to be change...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred due to stale SRB accesses during I/O timeouts. Ensured that the SRB is returned during the escalation of an I/O timeout error. If this is not possible, the escalation path is failed...