107 matches found
scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
...
SUSE CVE-2025-38289
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmocallbk Smatch detected a potential use-after-free of an ndlp oject in devlosstmocallbk during driver unload or fatal error handling. Fix by reordering code to avoid...
DEBIAN-CVE-2025-38119
In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and...
The vulnerability of the drivers/scsi/lpfc component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the drivers/scsi/lpfc component in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...
kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()
A vulnerability was found in the Linux kernel's SCSI libfc library in the fcexchabtsresp function, which can lead to a use-after-free scenario. This issue can occur because the function calls fcexchrelease, which decrements a reference count stored in the ep object and then frees the object once...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed a possible crash that occurred when setting up bsg failed. If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition “if!mrioc-bsgqueue” will not be...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fixed an array overflow issue in stsetup. The array size is now adjusted to match the parameter size, rather than using a fixed value...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to the operation of data out of the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to incorrect blocking of resources in the cqthreadv3hw function. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to gain elevated privileges within the system.
The vulnerability of the SCSI component in the Linux operating system is related to errors that occur after deallocation. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...
DEBIAN-CVE-2025-21738
In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSIIOCTLSENDCOMMAND ioctl with outlen set to 0xd42, SCSI command set to ATA16 PASS-THROUGH, ATA command set to ATANOP, and...
SUSE CVE-2022-49157
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix premature hw access after PCI error After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume...
SUSE CVE-2022-49504
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...
DEBIAN-CVE-2022-49536
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: nativequeuedspinlockslowpath+0x192 rawspinlockirqsave+0x32 lpfchandlefcperr+0x4...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the SCSI component in the Linux operating system is related to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
PT-2025-8820
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential use-after-free UAF access issue has been identified in the Linux kernel, specifically in the scsi: ufs: bsg component. The issue arises from not setting bsg queue to NULL aft...