CVE-2021-46963

scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Call Trace: qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx] scsi_queue_rq+0x5e2/0xa40 __blk_mq_try_issue_directly+0x128/0x1d0 blk_mq_request_issue_directly+0x4e/0xb0 Fix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now
allocated by upper layers. This fixes smatch warning of srb unintended
free.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: qla2xxx: Soluciona falla en qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Rastreo de llamadas: qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx] scsi_queue_rq+0x5e2/0xa40 __blk_mq_try_issue_ directamente+0x128 /0x1d0 blk_mq_request_issue_directly+0x4e/0xb0 Se corrigió la llamada incorrecta para liberar srb en qla2xxx_mqueuecommand(), ya que srb ahora está asignado por capas superiores. Esto corrige la advertencia de srb gratuito no deseado.

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() RIP: 0010:kmem_cache_free+0xfa/0x1b0 Call Trace: qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx] scsi_queue_rq+0x5e2/0xa40 __blk_mq_try_issue_directly+0x128/0x1d0 blk_mq_request_issue_directly+0x4e/0xb0 Fix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now allocated by upper layers. This fixes smatch warning of srb unintended free.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-27 CVE Reserved
2024-02-27 CVE Published
2024-12-17 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/64a8c5018a4b21b04a756a56c495ef47c14e92d9	Vuln. Introduced
https://git.kernel.org/stable/c/dea6ee7173039d489977c9ed92e3749154615db4	Vuln. Introduced
https://git.kernel.org/stable/c/af2a0c51b1205327f55a7e82e530403ae1d42cbb	Vuln. Introduced
https://git.kernel.org/stable/c/4a1cc2f71bc57cf8dee6f58e7d2355a43aabb312	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/c5ab9b67d8b061de74e2ca51bf787ee599bd7f89	2021-05-22
https://git.kernel.org/stable/c/77509a238547863040a42d57c72403f7d4c89a8f	2021-05-11
https://git.kernel.org/stable/c/702cdaa2c6283c135ef16d52e0e4e3c1005aa538	2021-05-11
https://git.kernel.org/stable/c/80ef24175df2cba3860d0369d1c662b49ee2de56	2021-05-12
https://git.kernel.org/stable/c/a73208e3244127ef9f2cdf24e4adb947aaa32053	2021-05-12
https://git.kernel.org/stable/c/6641df81ab799f28a5d564f860233dd26cca0d93	2021-03-30

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.90 < 4.19.191 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.90 < 4.19.191"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.4 < 5.4.118 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.4 < 5.4.118"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.10.36 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.10.36"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.11.20 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.11.20"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.12.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.12.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.5 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.3.17 Search vendor "Linux" for product "Linux Kernel" and version "5.3.17"		en		Affected