Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code in qedfexecutetmf90. This results in BUGON when running an RT kernel. 659.343280 BUG: Using smpprocessorid in preemptible 000000...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021573)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021573 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code...

CVE-2025-68371

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989551)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989551 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986663)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986663 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can...

Linux Distros Unpatched Vulnerability : CVE-2022-48791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if a TMF sastask is aborted before we handle the IO completion in...

Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes one issue. The following security issue was fixed: CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

SUSE-SU-2025:1092-1 Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes one issue. The following security issue was fixed: - CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002...

kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible

A vulnerability was found in the Linux kernel's qedf driver function qedfexecutetmf, where the function call smpprocessorid is done from preemptible code before acquiring a lock which can result in BUGON when running an RT kernel. This can result in system inconsistencies...

AZL-51165 CVE-2024-49863 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhostscsigetreq Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...

SUSE-SU-2024:3499-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 - CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate bsc1229454. -...

kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible

A vulnerability was found in the Linux kernel's qedf driver function qedfexecutetmf, where the function call smpprocessorid is done from preemptible code before acquiring a lock which can result in BUGON when running an RT kernel. This can result in system inconsistencies...

SUSE-SU-2024:3304-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48791: Fix use-after-free for aborted TMF sastask bsc1228002 The following non-security bugs were fixed: - powerpc: Remove support for PowerPC 601 Remove...

DEBIAN-CVE-2024-42124

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code in qedfexecutetmf90. This results in BUGON when running an RT kernel. 659.343280 BUG: using smpprocessorid in preemptible 00000000...

CVE-2024-42124

CVE-2024-42124 affects the Linux kernel and fixes a preemption bug in qedf by making qedf_execute_tmf() non-preemptible. The issue was triggered by calling smp_processor_id() from preemptible code in qedf_execute_tmf90, causing a BUG_ON on RT kernels. Affected context is kernel-level SCSI qedf dr...

CVE-2024-42124

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code in qedfexecutetmf90. This results in BUGON when running an RT kernel. 659.343280 BUG: using smpprocessorid in preemptible 00000000...

CVE-2022-48791

A flaw was found in the Linux kernel in the SCSI driver involved a use-after-free issue when a TMF sastask was aborted due to a timeout. If I/O completion occurred after the abort, the handler accessed the already freed sastask, leading to a potential crash. Mitigation Mitigation for this issue i...

CVE-2022-48823

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. 974.309060 0000:00:00.0:qedfehdevicereset:868: 1:0:2:0: LUN RESET Issued... 974.309065...

CVE-2022-48823

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. 974.309060 0000:00:00.0:qedfehdevicereset:868: 1:0:2:0: LUN RESET Issued... 974.309065...

CVE-2022-48791

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if a TMF sastask is aborted before we handle the IO completion in mpisspcompletion. The abort occurs due to timeout. When the timeout...