34 matches found
CVE-2026-10717 Open-Seachest/Seachest show SCSI Defect List Vulnerability
Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defects lists via a very bad drive with lots of defects or a maliciously crafted SCSI device’s defect...
CVE-2026-45857
scsi: csiostor: Fix dereference of null pointer rn...
PT-2026-39075
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the scsi qla2xxx driver. In the qla24xx els dcmd iocb function, sp-free is assigned to qla2x00 els dcmd sp free. When an error occurs, this function is...
UBUNTU-CVE-2025-71235
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
ROS-20260205-73-0031
A vulnerability in the scsi.c component of the Linux operating system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability allows an attacker to cause a denial of service...
CVE-2026-23059
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...
kernel: Fix of 39 CVEs
Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...
CVE-2023-53760 scsi: ufs: core: mcq: Fix &hwq->cq_lock deadlock issue
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq-cqlock deadlock issue When ufshcderrhandler is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcdhandlemcqcqevents and also in ufsmtkmcqintr. The following...
CVE-2023-53431
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...
CVE-2023-53387
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...
scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
...
USN-7701-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...
USN-7685-5: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...
DEBIAN-CVE-2025-38119
In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and...
The vulnerability of the drivers/scsi/lpfc component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the drivers/scsi/lpfc component in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to the operation of data out of the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...