30 matches found
SUSE CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
UBUNTU-CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
CVE-2026-53304
CVE-2026-53304 affects the Linux kernel SCSI generic (sg) driver, specifically the def_reserved_size default buffer size for each /dev/sgX. The root cause is a bypass of sg_proc_write_dressz limits, allowing an invalid value to be written via the module parameter, which can trigger a soft lockup....
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race The function sgremovesfpusercontext must not use sgdeviceDestroy after calling scsidevicePut. sgdeviceDestroy accesses the parent scsidevice request queue, which will already be set to NULL...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001001)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001001 advisory. The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000557)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000557 advisory. The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read o...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003050)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003050 advisory. The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read o...
EUVD-2016-10382
Malware in sbrugna...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not waiting for a command to complete when a sg device is removed, which could lead to data corruption...
SUSE CVE-2024-35954
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
CVE-2024-35954
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
CVE-2024-35954
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
CVE-2024-35954
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
CVE-2024-35954 scsi: sg: Avoid sg device teardown race
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
CVE-2024-35954 scsi: sg: Avoid sg device teardown race
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
CVE-2024-35954 scsi: sg: Avoid sg device teardown race
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
CVE-2024-35954
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of serviceDoS attacks. blkrqmapuseriov function in the Linux kernel's block device implementation does not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a use-after-fre...
kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)
It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNELDS option is set. A local attacker to read or write to arbitrary kernel memory locations or cause a denial of service...