Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsi.debug: Fixed an out-of-bound read in respreporttgtpgs. The following issues were observed while running syzkaller: BUG: KASAN: Out-of-bound access in memcpy in include/linux/string.h:377 inline. BUG: KASAN:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fixed an out-of-bound read in respreadcap16 The following warning was observed when running syzkaller: 3813.830724 sgwrite: Data size 65466/242 bytes for the SCSI command 0x9e—guessing data size as 65466/242 byte...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsidebug: Fixed the type of mint to avoid stack out-of-bounds situations. Changed mint to use the type “u32” instead of “int” to prevent stack out-of-bounds conditions. When mint uses the “int” type, values are...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986783)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986783 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it...

Linux Distros Unpatched Vulnerability : CVE-2021-47219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: scsidebug: Fix out-of-bound read in respreporttgtpgs The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy...

Linux Distros Unpatched Vulnerability : CVE-2024-26671

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-mq: fix IO hang from sbitmap wakeup race In blkmqmarktagwait, addwaitqueue may be re- ordered with the following blkmqgetdrivertag in case of getting driver...

SUSE CVE-2021-47580

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47580

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47578

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...

CVE-2021-47576

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...

CVE-2021-47576

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...

CVE-2021-47580

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47578

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...

CVE-2021-47580

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47576

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...

CVE-2021-47576

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Sanity check block descriptor length in respmodeselect In respmodeselect sanity check the block descriptor len to avoid UAF. BUG: KASAN: use-after-free in respmodeselect+0xa4c/0xb40 drivers/scsi/scsidebug.c:2509...

CVE-2021-47580

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47580 scsi: scsi_debug: Fix type in min_t to avoid stack OOB

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47580

Summary of CVE-2021-47580 / CVE-2024-38575 context: In the Linux kernel, the issue arises from using min_t with type int , which sign-extends large values and can trigger a stack-out-of-bounds during copies in the SCSI path (notably sg_copy_buffer and related code). The vulnerability is demonstra...

CVE-2021-47580 scsi: scsi_debug: Fix type in min_t to avoid stack OOB

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...