CVE-2026-45855 ata: libata-scsi: avoid Non-NCQ command starvation

In the Linux kernel, the following vulnerability has been resolved: ata: libata-scsi: avoid Non-NCQ command starvation When a non-NCQ command is issued while NCQ commands are being executed, atascsiqcissue indicates to the SCSI layer that the command issuing should be deferred by returning...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003325 advisory. The srdoioctl function in drivers/scsi/srioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service stack-based buffer overflow or...

PT-2026-6180

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A race condition exists within the SCSI layer of the Linux kernel that can prevent the error handler from being woken up, leading to stuck I/O operations. This occurs due to memory...

EUVD-2018-3535

Malware in sbrugna...

EUVD-2007-4291

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-26931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer...

SUSE CVE-2024-36952

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vport is unregistered...

CVE-2024-26931 scsi: qla2xxx: Fix command flush on cable pull

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 1 SMP NOPTI CPU: 27...

CVE-2024-26917 scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip-ctlrlock" This reverts commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, since it changed sping locks from "bh" to...

CVE-2018-11506

The srdoioctl function in drivers/scsi/srioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as...

DEBIAN-CVE-2018-11506

The srdoioctl function in drivers/scsi/srioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as...

CVE-2018-11506

The srdoioctl function in drivers/scsi/srioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...

kernel: Missing ioctl() permission checks in aacraid driver

The 1 aaccfgopen and 2 aaccompatioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges...

openSUSE 10 Security Update : kernel (kernel-4752)

This kernel update fixes the following security problems : ++ CVE-2007-3104: The sysfsreaddir function in the Linux kernel 2.6 allows local users to cause a denial of service kernel OOPS by dereferencing a NULL pointer to an inode in a dentry. ++ CVE-2007-4997: A 2 byte buffer underflow in the...

Mandrake Linux Security Advisory : kernel (MDKSA-2007:195)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool si...

CVE-2007-4308

The 1 aaccfgopen and 2 aaccompatioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges...

Path traversal

The 1 aaccfgopen and 2 aaccompatioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges...

CVE-2007-4308

The 1 aaccfgopen and 2 aaccompatioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges...

CVE-2007-4308

CVE-2007-4308 affects the Linux kernel’s SCSI aacraid driver, specifically the functions aac_cfg_open and aac_compat_ioctl . The advisory reports that these ioctl handlers did not perform permission checks, enabling a local user to cause a denial of service or potentially gain privileges. Affecte...