EUVD-2025-13137

Malicious code in bioql PyPI...

Oracle VirtualBox VirtIO-SCSI Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2023-53140

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56747)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56747 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak i...

CVE-2022-49376 scsi: sd: Fix potential NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix potential NULL pointer dereference If sdprobe sees an early error before sdkp-device is initialized, sdzbcreleasedisk is called. This causes a NULL pointer dereference when sdiszoned is called inside that function...

CVE-2024-53227

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...

CVE-2024-56748

CVE-2024-56748 affects the Linux kernel SCSI qedf driver (QLogic/QED) where memory allocated for sb (scsi block) was leaked on sb_init failure. The root cause was that the dma memory sb_virt allocated for the SB was not freed when qed_ops->common->sb_init failed, leading to a memory leak. T...

CVE-2024-53227 scsi: bfa: Fix use-after-free in bfad_im_module_exit()

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a memory leak in the qedfallocandinitsb function in the scsi:qedf module...

Unspecified vulnerability in Linux kernel (CNVD-2024-35102)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that when storing information in the scsi:mpi3mr module, the value of mrsasport-phymask may be larg...

CVE-2021-47480

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SCSI host instance is...

PT-2025-18805

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-96.el9.x86 64 Description A vulnerability in the Linux kernel has been resolved, specifically in the scsi: qla2xxx module. The issue occurred when a command was completed in the abort path during driver...

PT-2023-33606 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: A potential issue exists in the Linux Kernel, specifically in the lpfc scsi module, where reading the rx monitor from debugfs can cause a hard lockup. The actual impact and attack plausibili...

PT-2022-36285 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.34 through 5.10.155 Description: The issue is related to a double free of FSF request when qdio send fails in the zfcp scsi module. The actual impact and attack plausibility have not yet been proven. Recommendations:...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.26.1 - netfilter: xtTCPMSS: add more sanity tests on tcph-doff Eric Dumazet Orabug: 27896807 CVE-2017-18017 - scsi: libsas: fix memory leak in sassmpgetphyevents Jason Yan Orabug: 27927692 CVE-2018-7757...

dracut security, bug fix, and enhancement update

004-336.0.1 - do not strip modules with signatures. orabug 17458249 Jerry Snitselaar - scsiwait module removed in 3.8. Mute errors. orabug 16977193 Maxim Uvarov find firmware in /lib/modules/firmware/2.6.32-400.1.1.el5uek first and /lib/modules/firmware second Resolves: Orabug: 13351090 - Fix btr...