CVE-2021-47473
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
Commit 8c0eb596baa5 ("[SCSI] qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()"), intended to change:
bsg_job->request->msgcode == FC_BSG_HST_ELS_NOLOGIN
bsg_job->request->msgcode != FC_BSG_RPT_ELS
but changed it to:
bsg_job->request->msgcode == FC_BSG_RPT_ELS
instead.
Change the == to a != to avoid leaking the fcport structure or freeing unallocated memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8c0eb596baa51f2b43949c698c644727ef17805c < 96f0aebf29be25254fa585af43924e34aa21fd9a | affected |
| Linux | Linux | 8c0eb596baa51f2b43949c698c644727ef17805c < a7fbb56e6c941d9f59437b96412a348e66388d3e | affected |
| Linux | Linux | 8c0eb596baa51f2b43949c698c644727ef17805c < 7fb223d0ad801f633c78cbe42b1d1b55f5d163ad | affected |
| Linux | Linux | 3.11 | affected |
| Linux | Linux | 0 < 3.11 | unaffected |
| Linux | Linux | 5.10.76 <= 5.10.* | unaffected |
| Linux | Linux | 5.14.15 <= 5.14.* | unaffected |
| Linux | Linux | 5.15 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a
- https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e
- https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad
References
- https://git.kernel.org/stable/c/96f0aebf29be25254fa585af43924e34aa21fd9a
- https://git.kernel.org/stable/c/a7fbb56e6c941d9f59437b96412a348e66388d3e
- https://git.kernel.org/stable/c/7fb223d0ad801f633c78cbe42b1d1b55f5d163ad
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.