16 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001599)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001599 advisory. Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002385)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002385 advisory. Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial o...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003130)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003130 advisory. Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986751)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986751 advisory. In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMA_FROM_DEVICE The problem I'm addressing was discovered by the LTP te...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986477)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986477 advisory. In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMA_FROM_DEVICE The problem I'm addressing was discovered by the LTP te...
Linux Distros Unpatched Vulnerability : CVE-2018-1000204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to...
DEBIAN-CVE-2022-48853
In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMA_FROM_DEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. A short description of what happens follows: 1) The test case issues a command code 00 TEST UNIT READY...
SUSE CVE-2011-4127
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume...
SUSE CVE-2014-8181
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leak sensitive information to userspace...
SUSE CVE-2018-1000204
Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in...
kernel: Infoleak caused by incorrect handling of the SG_IO ioctl
A malformed SG_IO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files...
Linux kernel information disclosure vulnerability (CNVD-2018-16269)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An information disclosure vulnerability exists in Linux kernel versions 3.18 through 4.16, which arises from a program's failure to properly handle the SG_IO ioctl. An...
UBUNTU-CVE-2015-8962
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call...
PT-2016-4074 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.4 Description: The issue is related to a double free vulnerability in the sg_common_write function. This vulnerability allows local users to gain privileges or cause a denial of service, resulting in memory...
PT-2012-1244 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.9 Description: The issue is related to the scsi ioctl function in the Linux kernel, which does not properly consider the SCSI device class during authorization of SCSI commands. This allows local users to bypa...
DEBIAN-CVE-2011-4127
The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume...