7 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002608)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002608 advisory. Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003200)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003200 advisory. The biomapuseriov and biounmapuser functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive...
SUSE CVE-2021-3392
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...
kernel: memory leak when merging buffers in SCSI IO vectors
It was found that in the Linux kernel through v4.14-rc5, biomapuseriov and biounmapuser in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bioaddpcpage merges them into one, but the page reference is never dropped, causing a...
CVE-2016-7423
A flaw was found in the Quick EmulatorQEMU built with LSI SAS1068 Host Bus emulation support, where it is vulnerable to an invalid memory-access issue. The flaw could occur while processing SCSI IO requests in the mptsasprocessscsiiorequest routine. A privileged user inside the guest could use th...
kernel: possible privilege escalation via SG_IO ioctl
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...
kernel: possible privilege escalation via SG_IO ioctl
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume...