Astra Linux - уязвимость в linux, linux-5.10

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c within the Linux kernel. This flaw allows a local attacker with special user privileges CAPSYSADMIN or CAPSYSRAWIO to cause confidentiality issues...

kernel security update

6.12.0-124.31.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414502 advisory. A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a...

AZL-68973 CVE-2025-21738 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSIIOCTLSENDCOMMAND ioctl with outlen set to 0xd42, SCSI command set to ATA16 PASS-THROUGH, ATA command set to ATANOP, and...

The vulnerability of the scsi_ioctl function (drivers/scsi/scsi_ioctl.c) in the Linux operating system, which allows a hacker to increase their privileges

The vulnerability of the scsiioctl function drivers/scsi/scsiioctl.c in the Linux operating system is related to the improper handling of SCSI device classes during SCSI command authorization. Exploiting this vulnerability can allow an attacker to enhance their privileges...

kernel: information leak in scsi_ioctl()

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

kernel: information leak in scsi_ioctl()

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

kernel: information leak in scsi_ioctl()

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

kernel: information leak in scsi_ioctl()

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO CVE-2021-47435 A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO CVE-2021-47435 A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local...

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

...

DEBIAN-CVE-2022-0494

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

CVE-2022-0494

A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege CAPSYSADMIN or CAPSYSRAWIO to create issues with confidentiality...

PT-2019-4874 · Qemu +2 · Qemu +2

Name of the Vulnerable Software and Affected Versions: QEMU versions 2.4.0 through 4.2.0 Description: An issue was discovered in the ide dma cb function, which can cause the QEMU process in the host system to crash via a special SCSI IOCTL SEND COMMAND. This issue implies that the size of...

DEBIAN-CVE-2017-14991

The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SGGETREQUESTTABLE ioctl call for /dev/sg0...

UBUNTU-CVE-2012-4542

block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping opcodes...

PT-2012-1244 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.9 Description: The issue is related to the scsi ioctl function in the Linux kernel, which does not properly consider the SCSI device class during authorization of SCSI commands. This allows local users to bypa...

CVE-2005-0180

Multiple integer signedness errors in the sgscsiioctl function in scsiioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copyfromuser and copytouser functions...

security flaw

Multiple integer signedness errors in the sgscsiioctl function in scsiioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copyfromuser and copytouser functions...