CVE-2025-22083

vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint

References

Debian security tracker
cve.org

Notes

 carnil> Introduced in 25b98b64e284 ("vhost scsi: alloc cmds per vq instead of session")
 carnil> 4f7f46d32c98 ("tcm_vhost: Use vq->private_data to indicate if the endpoint is
 carnil> setup"). Vulnerable versions: 3.9.

Bugs

Status

Branch	Status
upstream	released (6.15-rc1) [5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.13-upstream-stable	released (6.13.11) [3fd054baf382a426bbf5135ede0fc5673db74d3e]
6.12-upstream-stable	released (6.12.23) [3a19eb3d9818e28f14c818a18dc913344a52ca92]
6.6-upstream-stable	released (6.6.87) [2b34bdc42df047794542f3e220fe989124e4499a]
6.1-upstream-stable	needed
5.10-upstream-stable	needed
sid	released (6.12.25-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	needed
5.10-bullseye-security	needed