14 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010999)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010999 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addldescptr out-of-bounds accesses Sanitize possible addldescptr...
OESA-2025-2768 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is ...
PT-2025-44276
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to SCSI Enclosure Services SES. Specifically, the issue involves potential out-of-bounds accesses to addl desc ptr within the ses enclosure data...
EUVD-2010-3572
Malware in sbrugna...
CVE-2023-53521 scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in sesintfremove A fix for: BUG: KASAN: slab-out-of-bounds in sesintfremove+0x23f/0x270 ses Read of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013 When edev-components is zero, accessing...
DEBIAN-CVE-2023-53431
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...
CVE-2023-53431
The CVE-2023-53431 entry concerns Linux kernel SCSI SES: the fix ensures graceful handling when an enclosure has a primary component but no secondary components. Previously, devices with one primary enclosure and zero secondary enclosures could cause ses_intf_add() to bail, potentially triggering...
kernel: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
An out-of-bounds read vulnerability was found in the SCSI Enclosure Services SES driver in the Linux kernel. The sesenclosuredataprocess function lacks proper bounds checking when processing additional descriptor pointers, allowing reads beyond allocated slab memory when handling malformed...
kernel: Linux kernel: Denial of Service in scsi_ses due to enclosure with no components
A flaw was found in the Linux kernel's scsi: ses driver. A local attacker could trigger a kernel crash oops by attempting to manage a SCSI enclosure that reports having no components. This could lead to a Denial of Service DoS on the affected system...
kernel: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
An out-of-bounds read vulnerability was found in the SCSI Enclosure Services SES driver in the Linux kernel. The sesenclosuredataprocess function lacks proper bounds checking when processing additional descriptor pointers, allowing reads beyond allocated slab memory when handling malformed...
CVE-2010-3576
Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver...
Design/Logic Flaw
Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver...
CVE-2010-3576
CVE-2010-3576 is a local vulnerability affecting Oracle Solaris 8, 9, 10 and OpenSolaris in the SCSI enclosure services device driver. The issue can affect integrity and availability (partial impact) but requires local access (no remote exploitation). The CVSS 2.0 base score is 3.6 (LOW) with low...
CVE-2010-3576
Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver...