EUVD-2026-27752

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...

CVE-2026-43192

The provided sources describe CVE-2026-43192 as a Linux kernel issue in the device-mapper multipath (dm mpath) subsystem. A missing cleanup (dm_put_device) when failing to retrieve the SCSI handler name during path parsing (scsi_dh_attached_handler_name) could leak references to the path device. ...

ROS-20260414-73-0049

A vulnerability in the storvschostresethandler function of the drivers/scsi/storvscdrv.c module of the Linux kernel SCSI device driver is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001599 advisory. Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying...

EUVD-2010-4139

Malware in sbrugna...

EUVD-2010-4138

Malware in sbrugna...

EUVD-2021-27146

Malware in sbrugna...

EUVD-2010-4633

Malware in sbrugna...

EUVD-2012-2436

Malware in sbrugna...

EUVD-2024-22218

Malicious code in bioql PyPI...

SUSE CVE-2023-53241

In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...

DEBIAN-CVE-2023-53245

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them in a guest VM as a SCSI device. I/O to the vFC device is handled by the...

UBUNTU-CVE-2023-53241

In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with "trivial" replies, nfsd4encodeoperation will shortcut most of the encoding work and skip to just marshalling up the status. One of the things it skips is callin...

CVE-2025-38238

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fix crash in fnicwqcmplhandler when FDMI times out When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. On send completion, this causes an attempt to free the same fram...

CVE-2022-50215

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

CVE-2022-50215

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

CVE-2022-50215

CVE-2022-50215 : Linux kernel fix for SCSI (sg) behavior when a device is removed during active usage. The issue was that sg previously returned -ENODEV for waiting on active commands after removal, which could cause memory corruption for READs or data corruption on WRITE due to buffers still in ...

CVE-2022-50215 scsi: sg: Allow waiting for commands to complete on removed device

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

CVE-2022-50215 scsi: sg: Allow waiting for commands to complete on removed device

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

Linux Distros Unpatched Vulnerability : CVE-2024-49891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr...