9.8

CVE-2026-43414

scsi: qla2xxx: Completely fix fcport double free

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Completely fix fcport double free

In qla24xx_els_dcmd_iocb() sp->free is set to qla2x00_els_dcmd_sp_free().
When an error happens, this function is called by qla2x00_sp_release(),
when kref_put() releases the first and the last reference.

qla2x00_els_dcmd_sp_free() frees fcport by calling qla2x00_free_fcport().
Doing it one more time after kref_put() is a bad idea.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.15.154 < 5.16
LinuxLinux Kernel Version >= 6.1.84 < 6.2
LinuxLinux Kernel Version >= 6.6.24 < 6.7
LinuxLinux Kernel Version >= 6.7.12 < 6.8
LinuxLinux Kernel Version >= 6.8.3 < 6.9
LinuxLinux Kernel Version >= 6.9.1 < 6.19.9
LinuxLinux Kernel Version6.9 Update-
LinuxLinux Kernel Version6.9 Updaterc2
LinuxLinux Kernel Version6.9 Updaterc3
LinuxLinux Kernel Version6.9 Updaterc4
LinuxLinux Kernel Version6.9 Updaterc5
LinuxLinux Kernel Version6.9 Updaterc6
LinuxLinux Kernel Version6.9 Updaterc7
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.296
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address.

https://git.kernel.org/stable/c/d48ea85463f5b34f7b92ea0a13eddf1ab993da7b
Patch
https://git.kernel.org/stable/c/c0b7da13a04bd70ef6070bfb9ea85f582294560a
Patch