65 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Added a length check to avoid buffer overflow. The buffer overflow occurs due to the use of snprintf to write data into the buffer “buf” in the targetlugpmembersshow function located in...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter structure, which is allocated using targetalloccmdcounter, is never freed, resulting in leaks across various transport types. For example: - Unreferenced objec...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: target: core: Fixed the nullptrderef issue in targetallocdevice. There is a nullptrderef issue reported by KASAN: BUG: KASAN: Nullptrderef in targetallocdevice+0xbc4/0xbe0 targetcoremod … kasanreport+0xb9/0xf0...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from targetcorefile not initializing the kiwritestream field of aiocmd-iocb, which could result in a write comman...
SUSE-SU-2026:1573-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-68794: iomap: adjust read range correctly for...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013752 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow A buffer overflow...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011241)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011241 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow A buffer overflow...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007492)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007492 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow A buffer overflow...
SUSE CVE-2026-23292
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in configfsopenfile In flushwritebuffer, &p-fragsem is acquired and then the loaded store function is called, which, here, is targetcoreitemdbrootstore. This function called filpopen, following...
CVE-2026-23292
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in configfsopenfile In flushwritebuffer, &p-fragsem is acquired and then the loaded store function is called, which, here, is targetcoreitemdbrootstore. This function called filpopen, following...
CVE-2026-23292
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in configfsopenfile In flushwritebuffer, &p-fragsem is acquired and then the loaded store function is called, which, here, is targetcoreitemdbrootstore. This function called filpopen, following...
CVE-2026-23292 scsi: target: Fix recursive locking in __configfs_open_file()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in configfsopenfile In flushwritebuffer, &p-fragsem is acquired and then the loaded store function is called, which, here, is targetcoreitemdbrootstore. This function called filpopen, following...
CVE-2026-23292
CVE-2026-23292 : Linux kernel scsi: target: Fix recursive locking in __configfs_open_file(). The root cause was target_core_item_dbroot_store() attempting to open the file path (which is the same configfs file already held) using filp_open(), leading to potential nested frag_sem locking. The fix ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004872)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004872 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is...
CVE-2023-54184 scsi: target: iscsit: Free cmds before session free
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That leads to use-after-free at command free or NPE with such call trace: Time2Retain timer expired for...
CVE-2023-54154
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter is never freed, resulting in leaks across various transport types, e.g.: unreferenced object 0xffff88801f920120 size 96...
UBUNTU-CVE-2023-54154
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter is never freed, resulting in leaks across various transport types, e.g.: unreferenced object 0xffff88801f920120 size 96...
CVE-2023-54154
CVE-2023-54154 relates to the Linux kernel SCSI subsystem, specifically a leak in the target_cmd_counter allocated by target_alloc_cmd_counter() within the target/core path. The vulnerability description states that the target_cmd_counter struct is never freed, causing leaks across various transp...
CVE-2023-54154 scsi: target: core: Fix target_cmd_counter leak
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter is never freed, resulting in leaks across various transport types, e.g.: unreferenced object 0xffff88801f920120 size 96...
CVE-2023-54154 scsi: target: core: Fix target_cmd_counter leak
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter is never freed, resulting in leaks across various transport types, e.g.: unreferenced object 0xffff88801f920120 size 96...