380 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred when I/O abort times out. During CPU hotplug, a crash was observed with the following stack: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred during module load/unload tests. During purex packet handling, the driver incorrectly freed a pre-allocated structure. This issue was fixed by skipping that specific entry in the code...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed premature hardware access after a PCI error After a recoverable PCI error is detected and resolved, the qla driver needs to check whether the error condition still exists and/or wait for the operating syst...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed the deadlock issue in the SCSI I/O completion and abort handling routines. During stress I/O tests with 500+ vports, hard lockup calls were observed. CPU A: - nativequeuedspinlockslowpath+0x192 -...
CVE-2026-46105
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: megaraidsas: A resource leak has been fixed in case of probe failures. The driver does not properly clean up all allocated resources when the scsiaddhost or megasasstartaen functions fail during the PCI device probe. All...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the sashba.phy memory leak in mpi3mrremove Released mrioc-sashba.phy at .remove...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fixed a crash in fnicwqcmplhandler when FDMI times out. When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. Upon completion of the sending process, this leads to a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use the number of bits to manage bitmap sizes. To allocate bitmaps, the mpi3mr driver calculates the sizes of bitmaps using bytes as the unit. However, bitmap helper functions assume that bitmaps are allocated using...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport A system crash may occur due to using resources after they have been freed. The current code allows terminaterportio to exit before ensuring that all I/O operations have...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: ibmvfc: Queue resources are only allocated/free during probe/remove operations. Currently, sub-queues and event pool resources are allocated/free for every CRQ connection event, such as reset and LPM. This exposes the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the link-down processing to address the issue of NULL pointer dereferencing. If a FC link-down transition occurs while PLOGIs are outstanding and the fabric-known addresses are involved, outstanding ABTS request...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed null ndlp pointer dereferencing in an abnormal exit path for GFTID An error case resulting from exiting from lpfccmplctcmdgftid causes a call to lpfcnlpput, where a null pointer is used to reference the nodelist...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A possible memory leak has been fixed when attempting to issue a CMF WQE. There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc in lpfcsli4cgnparamsread. If kzalloc fails in lpfcsli4cgnparamsread, then we rely on lpfcreadobject’s routine to perform a NULL check on pdata. Currently, an early return error is thrown from...
CVE-2026-43473
A flaw was found in the Linux kernel's mpi3mr SCSI driver. When the creation of reply or request queues fails, the driver may attempt to access and modify memory that has already been freed during cleanup. This can be exploited by a local user, leading to a system crash and a Denial of Service Do...
EUVD-2026-28720
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
UBUNTU-CVE-2026-43413
In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Fix NULL pointer exception during userscan userscan invokes updated sasuserscan for channel 0, and if successful, iteratively scans remaining channels 1 to shost-maxchannel via scsiscanhostselected in commit...
UBUNTU-CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
CVE-2026-43473 scsi: mpi3mr: Add NULL checks when resetting request and reply queues
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation o...