71 matches found
CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation.
A flaw was found in the Linux kernel's qla2xxx block SCSI generic bsg interface. This vulnerability, a double free, occurs because certain vendor-specific handlers incorrectly call the bsgjobdone function on both successful and failed operation paths. A local user could exploit this to trigger...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010828)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010828 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context sgfinishremreq calls blkrqunmapuser. The latter function...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011268)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011268 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the...
kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation.
A flaw was found in the Linux kernel's qla2xxx block SCSI generic bsg interface. This vulnerability, a double free, occurs because certain vendor-specific handlers incorrectly call the bsgjobdone function on both successful and failed operation paths. A local user could exploit this to trigger...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005196)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005196 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sgrelease Fix a use-after-free bug in sgrelease, detect...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003387)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003387 advisory. The sgioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service stack-based buffer overflow or possibly...
CVE-2025-68288
In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the 'ioctlsg01' test from Linux Test Project LTP. The following bytes were mainly observed: 0x53425355. When USB storage devices incorrect...
CVE-2025-40259
CVE-2025-40259 : In the Linux kernel, the sg (SCSI generic) driver could sleep in atomic context via sg_finish_rem_req() -> blk_rq_unmap_user(). The fix calls sg_finish_rem_req() with interrupts enabled to prevent sleeping in atomic context. Multiple advisories (Debian DLA-4436-1; Amazon Linux...
Linux Distros Unpatched Vulnerability : CVE-2017-14991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sgioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel...
UBUNTU-CVE-2022-50215
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...
kernel: scsi: sg: Fix slab-use-after-free read in sg_release()
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sgrelease Fix a use-after-free bug in sgrelease, detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...
kernel: scsi: sg: Avoid sg device teardown race
The bug is about a race condition in the Linux kernel's SCSI generic sg driver. The problem occurs during the removal of devices when the driver accesses a resource requestqueue that may have already been freed, leading to a NULL pointer dereference. This issue can result in system crashes,...
SUSE CVE-2016-9576
The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a /dev/sg device...
SUSE CVE-2019-6501
In QEMU 3.1, scsihandleinquiryreply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations...
rhel and virt-devel:rhel bug fix update
An update is available for libguestfs, libnbd, libtpms, libguestfs-winsupport, nbdkit, supermin, libiscsi, hivex, libvirt, netcf, perl-Sys-Virt, seabios, qemu-kvm, swtpm, virt-v2v, sgabios, libvirt-dbus, libvirt-python. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS...
The vulnerability of the hw/scsi/scsi-generic.c component of the QEMU hardware emulation software, related to reading data beyond the buffer’s acceptable limits, allows a malicious actor to cause a service failure.
The vulnerability of the hw/scsi/scsi-generic.c component of the QEMU hardware emulation software is related to reading data from within acceptable buffer limits. Exploiting this vulnerability can allow an attacker to cause a system failure...
SUSE: Security Advisory (SUSE-SU-2016:3248-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: sg_write function lacks an sg_remove_request call in a certain failure case
A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...
kernel: sg_write function lacks an sg_remove_request call in a certain failure case
A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...