CVE-2026-23306

A flaw was found in the Linux kernel, specifically within the pm8001 SCSI driver and the libsas library. An incorrect return value in the pm8001queuecommand function, when a physical device is down or gone, can lead to a double free vulnerability. This occurs because the function frees a Serial...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989113)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989113 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fcexchabtsresp fcexchreleaseep will decrease the ep's referenc...

CVE-2025-38700

In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsiconn-dddata only if memory is allocated In case of an ibfastregmr allocation failure during iSER setup, the machine hits a panic because iscsiconn-dddata is initialized unconditionally, even when n...

kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()

A vulnerability was found in the Linux kernel's SCSI libfc library in the fcexchabtsresp function, which can lead to a use-after-free scenario. This issue can occur because the function calls fcexchrelease, which decrements a reference count stored in the ep object and then frees the object once...

kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()

A vulnerability was found in the Linux kernel's SCSI libfc library in the fcexchabtsresp function, which can lead to a use-after-free scenario. This issue can occur because the function calls fcexchrelease, which decrements a reference count stored in the ep object and then frees the object once...

UBUNTU-CVE-2022-49114

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fcexchabtsresp fcexchreleaseep will decrease the ep's reference count. When the reference count reaches zero, it is freed. But ep is still used in the following code, which will lead to a use...

kernel: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fclportptpsetup fclportptpsetup did not check the return value of fcrportcreate which can return NULL and would cause a NULL pointer dereference. Address this issue by checki...

kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()

A vulnerability was found in the Linux kernel's SCSI libfc library in the fcexchabtsresp function, which can lead to a use-after-free scenario. This issue can occur because the function calls fcexchrelease, which decrements a reference count stored in the ep object and then frees the object once...

The vulnerability in the `drivers/scsi/libsas/sas_expander.c` component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability in the drivers/scsi/libsas/sasexpander.c component of the Linux operating system is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a hacker to cause service failures...