Lucene search
K

165 matches found

RedHat Linux
RedHat Linux
added 2026/06/22 10:59 a.m.7 views

kernel: scsi: qla2xxx: Completely fix fcport double free

A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...

9.8CVSS6.7AI score0.0038EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred during module load/unload tests. During purex packet handling, the driver incorrectly freed a pre-allocated structure. This issue was fixed by skipping that specific entry in the code...

5.5CVSS6.2AI score0.00273EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed premature hardware access after a PCI error After a recoverable PCI error is detected and resolved, the qla driver needs to check whether the error condition still exists and/or wait for the operating syst...

5.5CVSS6.5AI score0.00252EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/20 11:40 p.m.11 views

kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation.

A flaw was found in the Linux kernel's qla2xxx block SCSI generic bsg interface. This vulnerability, a double free, occurs because certain vendor-specific handlers incorrectly call the bsgjobdone function on both successful and failed operation paths. A local user could exploit this to trigger...

7.8CVSS5.8AI score0.00194EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Synchronize the IOCB count to be in order A system hang was observed with the following call trace: BUG: Kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 15...

5.5CVSS6.2AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Perform lockless command completion in the abort path When adding or removing controllers, the following call trace was observed: WARNING: CPU: 3 PID: 623596 at kernel/dma/mapping.c:532 dmafree attrs+0x33/0x50 CPU:...

5.5CVSS6.3AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixing the deletion race condition A system crash occurs when using the debug kernel due to corruption of the link list. The cause of the link list corruption is that session deletion was allowed to occur twice...

4.7CVSS6.3AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid. The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: controller connect complete localhost kernel: BUG: Using smpprocessorid in preemptible...

5.5CVSS6.1AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Unused nvmelswaitq wait queue has been removed. A system crash occurs when qla2x00startspsp returns an error code EGAIN, and the wakeup function is called for an uninitialized wait queue sp-nvmelswaitq. - qla2xx...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fixed the DMA-API call trace for NVMe LS requests. The following message and call trace were observed with debug kernels: DMA-API: qla2xxx 0000:41:00.0: The device driver failed to check the map error device...

5.2AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 12:0 a.m.21 views

ALSA-2026:19568 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...

9.8CVSS6.7AI score0.93235EPSS
Exploits45References36
RedhatCVE
RedhatCVE
added 2026/05/08 10:51 p.m.10 views

CVE-2026-43414

A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...

9.8CVSS5.8AI score0.0038EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.8 views

AlmaLinux 10 : kernel (ALSA-2026:9264)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9264 advisory. kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item...

7.8CVSS5.5AI score0.00171EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Oracle Linux 8 : kernel (ELSA-2026-9131)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9131 advisory. - dlm: prevent NPD when writing a positive value to eventdone Alexander Aring RHEL-136236 CVE-2025-23131 - scsi: qla2xxx: Fix improper freeing of purex...

7.8CVSS6.1AI score0.00171EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/21 1:8 p.m.9 views

kernel: scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

5.6AI score0.00171EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.11 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013219)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013219 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fcbsgtorport Klocwork reported warning of rport mayb...

6.1AI score0.00177EPSS
Exploits0References4
OSV
OSV
added 2026/04/20 12:0 a.m.6 views

ALSA-2026:9135 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: ALSA: aloop: Fix racy access at PCM trigger CVE-2026-2319...

7.8CVSS5.7AI score0.00171EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.7 views

Oracle Linux 10 : kernel (ELSA-2026-6053)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6053 advisory. - scsi: qla2xxx: Fix bsgdone causing double free Ewan D. Milne RHEL-153413 CVE-2025-71238 Tenable has extracted the preceding description block direct...

7.8CVSS6AI score0.00812EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2026/03/05 9:4 a.m.6 views

scsi: qla2xxx: Fix bsg_done() causing double free

...

7.8CVSS5.8AI score0.00194EPSS
Exploits0
OSV
OSV
added 2026/03/04 3:16 p.m.5 views

DEBIAN-CVE-2025-71238

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsgdone causing double free Kernel panic observed on system, 5353358.825191 BUG: unable to handle page fault for address: ff5f5e897b024000 5353358.825194 PF: supervisor write access in kernel mode 5353358.82519...

7.8CVSS5.2AI score0.00194EPSS
Exploits0References1
Rows per page
Query Builder