CVE-2021-46963
scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
RIP: 0010:kmem_cache_free+0xfa/0x1b0
Call Trace:
qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx]
scsi_queue_rq+0x5e2/0xa40
__blk_mq_try_issue_directly+0x128/0x1d0
blk_mq_request_issue_directly+0x4e/0xb0
Fix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now
allocated by upper layers. This fixes smatch warning of srb unintended
free.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: qla2xxx: Soluciona falla en qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Rastreo de llamadas: qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx] scsi_queue_rq+0x5e2/0xa40 __blk_mq_try_issue_ directamente+0x128 /0x1d0 blk_mq_request_issue_directly+0x4e/0xb0 Se corrigió la llamada incorrecta para liberar srb en qla2xxx_mqueuecommand(), ya que srb ahora está asignado por capas superiores. Esto corrige la advertencia de srb gratuito no deseado.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-27 CVE Reserved
- 2024-02-27 CVE Published
- 2024-02-28 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/64a8c5018a4b21b04a756a56c495ef47c14e92d9 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/dea6ee7173039d489977c9ed92e3749154615db4 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/af2a0c51b1205327f55a7e82e530403ae1d42cbb | Vuln. Introduced | |
| https://git.kernel.org/stable/c/4a1cc2f71bc57cf8dee6f58e7d2355a43aabb312 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19.90 < 4.19.191 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.90 < 4.19.191" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4.4 < 5.4.118 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.4 < 5.4.118" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.10.36 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.36" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.11.20 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.11.20" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.12.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.12.3" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.13" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.3.17 Search vendor "Linux" for product "Linux Kernel" and version "5.3.17" | en |
Affected
| ||||||