CVE-2026-31412 usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

EUVD-2026-15246

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free in pm8001queuecommand Commit e29c47fe8946 "scsi: pm8001: Simplify pm8001taskexec" refactors pm8001queuecommand, however it introduces a potential cause of a double free scenario when it changes th...

SUSE CVE-2025-68818

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to qla2x00abortallcmds to call sp-done without...

CVE-2019-11885

eyeDisk implements the unlock feature by sending a cleartext password. The password can be discovered by sniffing USB traffic or by sending a 06 05 52 41 01 b0 00 00 00 00 00 00 SCSI command...

CVE-2019-20175

An issue was discovered in idedmacb in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSIIOCTLSENDCOMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 the size...

EUVD-2012-4470

Malware in sbrugna...

EUVD-2011-4075

Malware in sbrugna...

EUVD-2019-3543

Malware in sbrugna...

EUVD-2015-8490

Malware in sbrugna...

EUVD-2024-28143

Malicious code in bioql PyPI...

EUVD-2025-5180

Malicious code in bioql PyPI...

CVE-2023-53510

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

AZL-75243 CVE-2023-53510 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

CVE-2025-39841 scsi: lpfc: Fix buffer free/clear order in deferred receive path

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the...

CVE-2025-38119

In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and...

CVE-2025-38119 scsi: core: ufs: Fix a hang in the error handler

In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: At the ata subsystem, in the libata-sff module, there is a issue where it is ensured that data cannot be written outside of the allocated buffer. Reveliofuzzing reported that an SCSIIOCTLSENDCOMMAND ioctl call, with outlen set to...

PT-2025-27705

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A hang in the error handler of the Linux kernel's UFS Universal Flash Storage driver has been resolved. The issue occurred because ufshcd err handling prepare calls ufshcd rpm get sync...

kernel security update

4.18.0-553.50.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Linux Distros Unpatched Vulnerability : CVE-2021-47191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: scsidebug: Fix out-of-bound read in respreadcap16 The following warning was observed running syzkaller: 3813.830724 sgwrite: data in/out 65466/242 bytes f...