Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003387 advisory. The sgioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service stack-based buffer overflow or possibly...

kernel: scsi: sg: Avoid sg device teardown race

The bug is about a race condition in the Linux kernel's SCSI generic sg driver. The problem occurs during the removal of devices when the driver accesses a resource requestqueue that may have already been freed, leading to a NULL pointer dereference. This issue can result in system crashes,...

SUSE: Security Advisory (SUSE-SU-2016:3248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: sg_write function lacks an sg_remove_request call in a certain failure case

A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...

kernel: sg_write function lacks an sg_remove_request call in a certain failure case

A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4419-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4419-1 advisory. It was discovered that a race condition existed in the Precision Time Protocol PTP implementation in the Linux kernel, leading to a use-after- free...

Ubuntu: Security Advisory (USN-4419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4413-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4413-1 advisory. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer....

USN-4413-1 linux-gke-5.0, linux-oem-osp1 vulnerabilities

Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service system crash. CVE-2020-10711 It was discovered that the SCSI generic sg driver in...

Ubuntu: Security Advisory (USN-3360-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3360-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

Linux kernel 'sg_ioctl' function denial of service vulnerability

Linux kernel is an open source operating system. A security vulnerability exists in the 'sgioctl' function in the drivers/scsi/sg.c file of Linux kernel. A local attacker can exploit this vulnerability to conduct a denial of service attack and crash the system...

Updated kernel and kmod packages fix security vulnerabilities

This update is based on upstream 4.4.39 and fixes at least the following security issues: Due to lack of size checking on ICMP header length, it is possible to cause out-of-bounds read on stack CVE-2016-8399 A use-after-free vulnerability in the SCSI generic driver allows users with write access ...

SUSE SLES11 Security Update : kernel (SUSE-SU-2016:3252-1)

The SUSE Linux Enterprise 11 SP 2 kernel was updated to fix two security issues. The following security bugs were fixed : - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg or /dev/bsg to elevate their privileges bsc1013604. -...

SUSE SLES11 Security Update : kernel (SUSE-SU-2016:3248-1)

The SUSE Linux Enterprise 11 SP 3 kernel was updated to fix two security issues. The following security bugs were fixed : - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg or /dev/bsg to elevate their privileges bsc1013604. -...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:3146-1)

The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues. The following security bugs were fixed : - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg or /dev/bsg to elevate their privileges bsc1013604. -...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-1438)

The openSUSE 14.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg or /dev/bsg to elevate their privileges bsc1013604. The...

Security update for the openSUSE Leap 42.1 kernel. (important)

The openSUSE Leap 42.1 kernel has been updated to fix a security issue: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg or /dev/bsg to elevate their privileges bsc1013604...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2759-1)

It was discovered that an integer overflow error existed in the SCSI generic sg driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-5707 Marc-Andre...

Ubuntu: Security Advisory (USN-2760-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...