Lucene search
K

39 matches found

ATTACKERKB
ATTACKERKB
added 2024/07/16 12:15 p.m.10 views

CVE-2022-48791

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if a TMF sastask is aborted before we handle the IO completion in mpisspcompletion. The abort occurs due to timeout. When the timeout...

7.8CVSS6.2AI score0.00244EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/07/16 12:15 p.m.3 views

DEBIAN-CVE-2022-48791

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sastask Currently a use-after-free may occur if a TMF sastask is aborted before we handle the IO completion in mpisspcompletion. The abort occurs due to timeout. When the timeout...

7.8CVSS5.7AI score0.00244EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 12:15 p.m.5 views

UBUNTU-CVE-2022-48823

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. 974.309060 0000:00:00.0:qedfehdevicereset:868: 1:0:2:0: LUN RESET Issued... 974.309065...

5.5CVSS6.2AI score0.00281EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/07/16 11:44 a.m.15 views

CVE-2022-48823 scsi: qedf: Fix refcount issue when LOGO is received during TMF

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. 974.309060 0000:00:00.0:qedfehdevicereset:868: 1:0:2:0: LUN RESET Issued... 974.309065...

6.9AI score0.00281EPSS
Exploits0References5
CVE
CVE
added 2024/07/16 11:44 a.m.88 views

CVE-2022-48823

CVE-2022-48823 affects the Linux kernel SCSI qedf driver. The issue is a refcount bug triggered when a LOGO is received during a TMF, which can cause an I/O to hang in the qedf driver. The provided connected advisories confirm the root cause (refcount during TMF/LOGO) and note that a fix was impl...

5.5CVSS6.7AI score0.00281EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/05/21 3:15 p.m.0 views

DEBIAN-CVE-2021-47328

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsiconnteardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait...

7.8CVSS5.6AI score0.00253EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/21 3:15 p.m.14 views

CVE-2021-47328

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsiconnteardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait...

7.8CVSS6.1AI score0.00253EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/05/21 3:15 p.m.6 views

UBUNTU-CVE-2021-47328

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsiconnteardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait...

7.8CVSS6.2AI score0.00253EPSS
Exploits0References9
NVD
NVD
added 2024/04/17 10:15 a.m.26 views

CVE-2024-26845

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...

5.5CVSS7.6AI score0.00237EPSS
Exploits0References10
CVE
CVE
added 2024/04/17 10:10 a.m.128 views

CVE-2024-26845

CVE-2024-26845 (Linux kernel) involves the SCSI target core handling of TMF in tmr_list. The issue: an abort processed by iSCSI could be added to tmr_list but not handled by target core, causing a LUN_RESET path to wait for an abort that never completes. Public advisories show debug traces (e.g.,...

5.5CVSS6.4AI score0.00237EPSS
Exploits0References10Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/17 10:10 a.m.22 views

CVE-2024-26845 scsi: target: core: Add TMF to tmr_list handling

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Add TMF to tmrlist handling An abort that is responded to by iSCSI itself is added to tmrlist but does not go to target core. A LUNRESET that goes through tmrlist takes a refcounter on the abort and waits for...

6.7AI score0.00237EPSS
Exploits0References7
Openbugbounty
Openbugbounty
added 2024/04/11 10:28 a.m.8 views

gmds-tmf-2021.de Cross Site Scripting vulnerability OBB-3915519

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2022/02/27 3:20 a.m.14 views

GSD-2022-1000539 scsi: pm8001: Fix use-after-free for aborted TMF sas_task

scsi: pm8001: Fix use-after-free for aborted TMF sastask This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.11 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2022/02/27 3:15 a.m.11 views

GSD-2022-1000496 scsi: qedf: Fix refcount issue when LOGO is received during TMF

scsi: qedf: Fix refcount issue when LOGO is received during TMF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/02/27 3:8 a.m.13 views

GSD-2022-1000452 scsi: pm8001: Fix use-after-free for aborted TMF sas_task

scsi: pm8001: Fix use-after-free for aborted TMF sastask This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.25 by commit...

7.3AI score
Exploits0
OSV
OSV
added 2022/02/27 3:4 a.m.8 views

GSD-2022-1000419 scsi: qedf: Fix refcount issue when LOGO is received during TMF

scsi: qedf: Fix refcount issue when LOGO is received during TMF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/02/27 2:56 a.m.7 views

GSD-2022-1000365 scsi: qedf: Fix refcount issue when LOGO is received during TMF

scsi: qedf: Fix refcount issue when LOGO is received during TMF This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/02/11 12:31 p.m.15 views

tmf-ev.de Cross Site Scripting vulnerability OBB-2368510

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
CVE
CVE
added 2002/08/31 4:0 a.m.35 views

CVE-2002-1012

CVE-2002-1012 affects IBM Tivoli Management Framework (TMF) ManagedNode, specifically TMF 3.6.x through 3.7.1. It is a remote vulnerability: a crafted long HTTP GET request can trigger a buffer overflow in the web server, leading to denial of service or arbitrary code execution. The issue is docu...

7.5CVSS8AI score0.03336EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder