CVE-2024-26930

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix double free of the ha->vp_map pointer

Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function qla2x00_mem_free(ha).

Assign NULL to vp_map and kfree take care of NULL.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux430eef03a763e5e76a371ba6d02779ae4a64b6ea < f14cee7a882cb79528f17a2335f53e9fd1848467affected
LinuxLinux430eef03a763e5e76a371ba6d02779ae4a64b6ea < b7deb675d674f44e0ddbab87fee8f9f098925e73affected
LinuxLinux430eef03a763e5e76a371ba6d02779ae4a64b6ea < 825d63164a2e6bacb059a9afb5605425b485413faffected
LinuxLinux430eef03a763e5e76a371ba6d02779ae4a64b6ea < e288285d47784fdcf7c81be56df7d65c6f10c58baffected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.6.24 <= 6.6.*unaffected
LinuxLinux6.7.12 <= 6.7.*unaffected
LinuxLinux6.8.3 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References