In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
RIP: 0010:kmem_cache_free+0xfa/0x1b0
Call Trace:
qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx]
scsi_queue_rq+0x5e2/0xa40
__blk_mq_try_issue_directly+0x128/0x1d0
blk_mq_request_issue_directly+0x4e/0xb0
Fix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now
allocated by upper layers. This fixes smatch warning of srb unintended
free.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/scsi/qla2xxx/qla_os.c"
],
"versions": [
{
"version": "64a8c5018a4b",
"lessThan": "c5ab9b67d8b0",
"status": "affected",
"versionType": "git"
},
{
"version": "dea6ee717303",
"lessThan": "77509a238547",
"status": "affected",
"versionType": "git"
},
{
"version": "af2a0c51b120",
"lessThan": "702cdaa2c628",
"status": "affected",
"versionType": "git"
},
{
"version": "af2a0c51b120",
"lessThan": "80ef24175df2",
"status": "affected",
"versionType": "git"
},
{
"version": "af2a0c51b120",
"lessThan": "a73208e32441",
"status": "affected",
"versionType": "git"
},
{
"version": "af2a0c51b120",
"lessThan": "6641df81ab79",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/scsi/qla2xxx/qla_os.c"
],
"versions": [
{
"version": "5.5",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.5",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.191",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.118",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.36",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.11.20",
"lessThanOrEqual": "5.11.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.12.3",
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.13",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]
git.kernel.org/stable/c/6641df81ab799f28a5d564f860233dd26cca0d93
git.kernel.org/stable/c/702cdaa2c6283c135ef16d52e0e4e3c1005aa538
git.kernel.org/stable/c/77509a238547863040a42d57c72403f7d4c89a8f
git.kernel.org/stable/c/80ef24175df2cba3860d0369d1c662b49ee2de56
git.kernel.org/stable/c/a73208e3244127ef9f2cdf24e4adb947aaa32053
git.kernel.org/stable/c/c5ab9b67d8b061de74e2ca51bf787ee599bd7f89