Emmanuel Bouillon discovered a double free in tgt, the Linux SCSI target user-space tools, which could lead to denial of service. The oldstable distribution doesn"t include tgt.