27 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible Use-after-Allocation UAF in snictgtcreate A warning is reported as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warning: &‘tgt-list’ was not removed from the list If the deviceadd function...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must also call dput; otherwise, a memory leak will occur over time. To simplify things, simply call debugfslookupandremove, which...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013553)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013553 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013372)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013372 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows:...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011290)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011290 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005629)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005629 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005653)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005653 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name...
Linux Distros Unpatched Vulnerability : CVE-2022-50840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warn: '&tgt-list' not removed...
CVE-2022-50840
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warn: '&tgt-;list' not removed from list If deviceadd fails in snictgtcreate, tgt will be freed, bu...
CVE-2022-50840
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warn: '&tgt-list' not removed from list If deviceadd fails in snictgtcreate, tgt will be freed, but...
CVE-2022-50840 scsi: snic: Fix possible UAF in snic_tgt_create()
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warn: '&tgt-list' not removed from list If deviceadd fails in snictgtcreate, tgt will be freed, but...
PT-2025-53958
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the snic tgt create function in the SCSI subsystem. Specifically, if device add fails during the creation of a target, the target’...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992520)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992520 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name...
Linux Distros Unpatched Vulnerability : CVE-2023-53436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd...
SUSE CVE-2023-53436
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to give up the reference in the error...
CVE-2023-53414
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
CVE-2023-53436
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to give up the reference in the error...
UBUNTU-CVE-2023-53436
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to give up the reference in the error...
CVE-2023-53436
CVE-2023-53436 : In the Linux kernel, the scsi: snic path had a memory leak when device_add() fails because the name allocated by dev_set_name() wasn’t freed. The fix releases the reference in the error path by calling put_device(), allowing kobject_cleanp() to free the name. The vulnerability’s ...
CVE-2023-53436 scsi: snic: Fix possible memory leak if device_add() fails
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to give up the reference in the error...