CVE-2023-53696

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()

There is a memory leak reported by kmemleak:

unreferenced object 0xffffc900003f0000 (size 12288): comm "modprobe", pid 19117, jiffies 4299751452 (age 42490.264s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ……………. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ……………. backtrace: [<00000000629261a8>] __vmalloc_node_range+0xe56/0x1110 [<0000000001906886>] __vmalloc_node+0xbd/0x150 [<000000005bb4dc34>] vmalloc+0x25/0x30 [<00000000a2dc1194>] qla2x00_create_host+0x7a0/0xe30 [qla2xxx] [<0000000062b14b47>] qla2x00_probe_one+0x2eb8/0xd160 [qla2xxx] [<00000000641ccc04>] local_pci_probe+0xeb/0x1a0

The root cause is traced to an error-handling path in qla2x00_probe_one() when the adapter "base_vha" initialize failed. The fab_scan_rp "scan.l" is used to record the port information and it is allocated in qla2x00_create_host(). However, it is not released in the error handling path "probe_failed".

Fix this by freeing the memory of "scan.l" when an error occurs in the adapter initialization process.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa4239945b8ad112fb914d0605c8f6c5fd3330f61 < ae73c4dd48f2c79d515d509a0cbe9efb0a197f44affected
LinuxLinuxa4239945b8ad112fb914d0605c8f6c5fd3330f61 < 44374911ac63f769c442f56fdfadea673c5f4425affected
LinuxLinuxa4239945b8ad112fb914d0605c8f6c5fd3330f61 < 582e35e97318ccd9c81774bac08938291679525faffected
LinuxLinuxa4239945b8ad112fb914d0605c8f6c5fd3330f61 < 85ade4010e13ef152ea925c74d94253db92e5428affected
LinuxLinux4.16affected
LinuxLinux0 < 4.16unaffected
LinuxLinux5.15.107 <= 5.15.*unaffected
LinuxLinux6.1.24 <= 6.1.*unaffected
LinuxLinux6.2.11 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References