ThreatCluster

Multiple CVEs Addressed in SCSI and QEMU Components

First seen 18 Feb 2026, 12:23 UTC Api.Msrc.Microsoft 78% similarity 46

Article Content

Browse articles
ThreatCluster

On February 18, 2026, Microsoft published information on several CVEs affecting SCSI and QEMU components. These vulnerabilities include potential memory corruption in qla2xxx (CVE-2024-42288), a kernel oops issue in qla1280 (CVE-2025-21957), and a dma reentrancy issue in lsi53c895a leading to stack overflow (CVE-2023-0330). The affected components are critical for system stability and performance.

ThreatCluster AI

Timeline

2023-03-06
CVE-2023-0330 published
2024-08-17
CVE-2024-42286 published
2024-08-17
CVE-2024-42288 published
2025-04-01
CVE-2025-21957 published
2026-02-18
Microsoft publishes information on multiple CVEs

Community

Browse all →