28 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006918)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006918 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011337)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011337 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001495)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001495 advisory. An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged user to craft...
SUSE CVE-2022-50727
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...
UBUNTU-CVE-2022-50727
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989835)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989835 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987655)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987655 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy functio...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414641)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414641 advisory. An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged user to craft...
EUVD-2025-12937
Malicious code in bioql PyPI...
EUVD-2024-51899
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-49839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd, the kernel will crash trying to delete the device in...
SUSE CVE-2023-53124
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportportadd Port is allocated by sasportallocnum and rphy is allocated by either sasenddevicealloc or sasexpanderalloc, all of which may return NULL. So we need to check the...
CVE-2022-49839 scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd, the kernel will crash trying to delete the device in transportremovedevice called from sasremovehost. Unable to handle kernel NULL...
CVE-2022-49839 scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd, the kernel will crash trying to delete the device in transportremovedevice called from sasremovehost. Unable to handle kernel NULL...
CVE-2022-49839
In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd, the kernel will crash trying to delete the device in transportremovedevice called from sasremovehost. Unable to handle kernel NULL...
AZL-55434 CVE-2024-53227 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...
UBUNTU-CVE-2024-53227
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...
CVE-2024-53227
CVE-2024-53227 concerns a Linux kernel use-after-free in bfad_im_module_exit() triggered by a double release path. The issue occurs when bfad_init() calls bfad_im_module_init() and on error path executes ext: bfad_im_module_exit(); followed by a second fc_release_transport, causing a use-after-fr...
kernel: scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd, the kernel will crash trying to delete the device in transportremovedevice called from sasremovehost. Unable to handle kernel NULL...
PT-2025-53031
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the efct device init function within the Linux kernel. Specifically, when efct scsi reg fc transport fails, the efct scsi tgt driver exit function is not called,...