CVE-2024-26930

scsi: qla2xxx: Fix double free of the ha->vp_map pointer

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix double free of the ha->vp_map pointer

Coverity scan reported potential risk of double free of the pointer
ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed
in function qla2x00_mem_free(ha).

Assign NULL to vp_map and kfree take care of NULL.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: qla2xxx: Corrección de doble liberación del puntero ha->vp_map Coverity scan informó un riesgo potencial de doble liberación del puntero ha->vp_map. ha->vp_map se liberó en qla2x00_mem_alloc() y nuevamente se liberó en la función qla2x00_mem_free(ha). Asigne NULL a vp_map y kfree se encargará de NULL.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-05-01 CVE Published
2024-05-24 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-415: Double Free

CAPEC

References (6)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/f14cee7a882cb79528f17a2335f53e9fd1848467	2024-04-03
https://git.kernel.org/stable/c/b7deb675d674f44e0ddbab87fee8f9f098925e73	2024-04-03
https://git.kernel.org/stable/c/825d63164a2e6bacb059a9afb5605425b485413f	2024-04-03
https://git.kernel.org/stable/c/e288285d47784fdcf7c81be56df7d65c6f10c58b	2024-03-10

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2024-26930	2024-09-24
https://bugzilla.redhat.com/show_bug.cgi?id=2278248	2024-09-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.6.24 Search vendor "Linux" for product "Linux Kernel" and version " < 6.6.24"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.7.12 Search vendor "Linux" for product "Linux Kernel" and version " < 6.7.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.8.3 Search vendor "Linux" for product "Linux Kernel" and version " < 6.8.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.9 Search vendor "Linux" for product "Linux Kernel" and version " < 6.9"		en		Affected