Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fixed NULL dereferencing in error handling The following issue was reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues Warn: Missing unwind goto? At this point in the function, nothing has been allocated...

SUSE CVE-2023-54289

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues warn: missing unwind goto? At this point in the function, nothing has been allocated so we can return...

EUVD-2023-60515

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues warn: missing unwind goto? At this point in the function, nothing has been allocated so we can return...

CVE-2023-54289

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues warn: missing unwind goto? At this point in the function, nothing has been allocated so we can return...

CVE-2023-54289

CVE-2023-54289: Linux kernel SCSI qedf NULL-dereference in error path. The issue occurs when qedf_alloc_global_queues() handles an error before any allocation; qedf_free_global_queues() would dereference a NULL gl, causing a crash. The fixed behavior returns early when nothing has been allocated ...

CVE-2023-54289

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedfmain.c:3056 qedfallocglobalqueues warn: missing unwind goto? At this point in the function, nothing has been allocated so we can return...

TencentOS Server 4: kernel (TSSA-2025:0437)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0437 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990277 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987653 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stagwork to all the vports Call trace seen when creating NPIV ports, only 32 out ...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-403064)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-403064 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedfallocandinitsb Hook qedops-common-sbinit = qedsbini...

CLSA-2025-1757963029 kernel-uek: Fix of 194 CVEs

rds: tcp: block BH in TCP callbacks - kexec: Improve & fix crashexcludememrange to handle overlapping ranges - module: correctly exit modulekallsymsoneachsymbol when fn != 0 - module: potential uninitialized return in modulekallsymsoneachsymbol - module: use RCU to synchronize findmodule -...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of a certain size and copy data from user space to that buffer. Later, we use kstrtouint on this buffer, but we do not...

CVE-2024-56748 scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedfallocandinitsb Hook "qedops-common-sbinit = qedsbinit" does not release the DMA memory sbvirt when it fails. Add dmafreecoherent to free it. This is the same way as qedrallocmemsb and...

kernel: scsi: qedf: Ensure the copied buf is NUL terminated

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...

kernel: scsi: qedf: Ensure the copied buf is NUL terminated

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2024-2120)

"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration...

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2024-2140)

"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted...

SUSE CVE-2024-42124

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code in qedfexecutetmf90. This results in BUGON when running an RT kernel. 659.343280 BUG: using smpprocessorid in preemptible 00000000...

DEBIAN-CVE-2024-42124

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code in qedfexecutetmf90. This results in BUGON when running an RT kernel. 659.343280 BUG: using smpprocessorid in preemptible 00000000...

UBUNTU-CVE-2024-42124

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code in qedfexecutetmf90. This results in BUGON when running an RT kernel. 659.343280 BUG: using smpprocessorid in preemptible 00000000...