Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A NULL pointer dereferencing occurred after calling stargettorport. Calls to stargettorport may return NULL. Add a check for NULL rport before dereferencing...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed issues with ioremap in lpfcsli4pcimemsetup. When iftype equals zero and pciresourcestartpdev, PCI64BITBAR4 returns false, drbl regsmemmapp is not remapped. This passes a NULL pointer to iounmap, which can...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move the cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 using LOGTRACEEVENT, the following hard lockup occurred, causing the system to hang. Call Trace: rawspinlockirqsave+0x32/0x40...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a possible memory leak in lpfcrcvpadisc The call to lpfcsli4resumerpi in lpfcrcvpadisc may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion function is not called, and thus...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed the call trace observed during I/O with CMF enabled. The following issue was observed with CMF enabled: BUG: Using smpprocessorid in a preemptible context. Code: systemd-udevd/31711 Kernel: Caller is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Fixed a null pointer dereferencing after failing to issue FLOGI and PLOGI commands. If lpfcissueelsflogi fails and returns a non-zero status, the node’s reference count is decremented to trigger the release of the...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011371 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007586)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007586 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006725 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1397)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1366)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...

kernel: Linux kernel: Denial of service due to use-after-free in scsi: lpfc

A flaw was found in the Linux kernel's scsi: lpfc component. This vulnerability involves a use-after-free error in the devlosstmocallbk function. During driver unload or fatal error handling, a previously freed object could be accessed. This could allow a local attacker to cause a system crash,...

RHEL 10 : kernel (RHSA-2026:4111)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4111 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: pagepool: Fix use-after-free ...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc1252542...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: Linux kernel: Denial of service due to use-after-free in scsi: lpfc

A flaw was found in the Linux kernel's scsi: lpfc component. This vulnerability involves a use-after-free error in the devlosstmocallbk function. During driver unload or fatal error handling, a previously freed object could be accessed. This could allow a local attacker to cause a system crash,...

RHEL 9 : kernel (RHSA-2026:1194)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1194 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ntbhwswitchtec: Fix...

MiracleLinux 8 : kernel-4.18.0-553.81.1.el8_10 (AXSA:2025-11004:84)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11004:84 advisory. kernel: Bluetooth: L2CAP: fix bad unlock balance in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare...

MiracleLinux 9 : kernel-5.14.0-570.42.2.el9_6 (AXSA:2025-10887:69)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10887:69 advisory. kernel: drm/vkms: Fix use after free and double free on init error CVE-2025-22097 kernel: scsi: lpfc: Use memcpy for BIOS version CVE-2025-38332...

EUVD-2022-55871

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfccreateport Commit 5e633302ace1 "scsi: lpfc: vmid: Add support for VMID in mailbox command" introduced allocations for the VMID resources in lpfccreateport after the call to scsihostalloc. Upon...