Lucene search
K

30 matches found

SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.6 views

SUSE CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.9AI score0.00101EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS0.00101EPSS
Exploits0References8
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

UBUNTU-CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References11
CVE
CVE
added 2026/06/26 7:41 p.m.9 views

CVE-2026-53304

CVE-2026-53304 affects the Linux kernel SCSI generic (sg) driver, specifically the def_reserved_size default buffer size for each /dev/sgX. The root cause is a bypass of sg_proc_write_dressz limits, allowing an invalid value to be written via the module parameter, which can trigger a soft lockup....

5.5CVSS5.9AI score0.00101EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race The function sgremovesfpusercontext must not use sgdeviceDestroy after calling scsidevicePut. sgdeviceDestroy accesses the parent scsidevice request queue, which will already be set to NULL...

4.7CVSS6.2AI score0.00227EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001001)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001001 advisory. The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local...

7CVSS6.5AI score0.00372EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000557)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000557 advisory. The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read o...

7.8CVSS6.7AI score0.00437EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003050)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003050 advisory. The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read o...

7.8CVSS6.5AI score0.00437EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-10382

Malware in sbrugna...

7.8CVSS6.4AI score0.00437EPSS
Exploits0References25
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not waiting for a command to complete when a sg device is removed, which could lead to data corruption...

5.5CVSS6.4AI score0.00194EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2024/05/21 1:58 a.m.6 views

SUSE CVE-2024-35954

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2024/05/20 5:43 p.m.34 views

CVE-2024-35954

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

5.5CVSS6.5AI score0.00227EPSS
Exploits0References4
NVD
NVD
added 2024/05/20 10:15 a.m.22 views

CVE-2024-35954

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

4.7CVSS6.5AI score0.00227EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/05/20 10:15 a.m.26 views

CVE-2024-35954

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

4.7CVSS6.3AI score0.00227EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/05/20 9:41 a.m.22 views

CVE-2024-35954 scsi: sg: Avoid sg device teardown race

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

6.8AI score0.00227EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/20 9:41 a.m.30 views

CVE-2024-35954 scsi: sg: Avoid sg device teardown race

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

6.4AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2024/05/20 9:41 a.m.15 views

CVE-2024-35954 scsi: sg: Avoid sg device teardown race

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

4.7CVSS6AI score0.00227EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/05/20 9:41 a.m.19 views

CVE-2024-35954

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...

4.7CVSS6.9AI score0.00227EPSS
Exploits0
Veracode
Veracode
added 2019/05/02 5:52 a.m.30 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. blkrqmapuseriov function in the Linux kernel's block device implementation does not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a use-after-fre...

7.8CVSS6.7AI score0.00437EPSS
Exploits0References27Affected Software2
RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.5 views

kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)

It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNELDS option is set. A local attacker to read or write to arbitrary kernel memory locations or cause a denial of service...

7.8CVSS6.9AI score0.00437EPSS
Exploits0References4
Rows per page
Query Builder