Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-43821
HistoryAug 17, 2024 - 9:21 a.m.

CVE-2024-43821 scsi: lpfc: Fix a possible null pointer dereference

2024-08-1709:21:42
Linux
www.cve.org
4
linux kernel
scsi
lpfc
null pointer dereference
vulnerability

EPSS

0

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix a possible null pointer dereference

In function lpfc_xcvr_data_show, the memory allocation with kmalloc might
fail, thereby making rdp_context a null pointer. In the following context
and functions that use this pointer, there are dereferencing operations,
leading to null pointer dereference.

To fix this issue, a null pointer check should be added. If it is null,
use scnprintf to notify the user and return len.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/scsi/lpfc/lpfc_attr.c"
    ],
    "versions": [
      {
        "version": "479b0917e447",
        "lessThan": "57600a7dd2b5",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "479b0917e447",
        "lessThan": "45b2a23e00d4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "479b0917e447",
        "lessThan": "5e0bf3e8aec2",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/scsi/lpfc/lpfc_attr.c"
    ],
    "versions": [
      {
        "version": "6.2",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.2",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.44",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.3",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

ubuntucve 1
debiancve 1
vulnrichment 1
redhatcve 1
osv 5
nvd 1
cve 1
nessus 4
ubuntucve
ubuntucve
CVE-2024-43821
2024-08-17 00:00:00
debiancve
debiancve
CVE-2024-43821
2024-08-17 10:15:08
vulnrichment
vulnrichment
CVE-2024-43821 scsi: lpfc: Fix a possible null pointer dereference
2024-08-17 09:21:42
redhatcve
redhatcve
CVE-2024-43821
2024-08-19 13:45:17
osv
osv
CVE-2024-43821
2024-08-17 10:15:08
Security update for the Linux Kernel
2024-09-10 08:46:37
Security update for the Linux Kernel
2024-09-11 15:39:03
nvd
nvd
CVE-2024-43821
2024-08-17 10:15:08
cve
cve
CVE-2024-43821
2024-08-17 10:15:08
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3209-1)
2024-09-12 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3190-1)
2024-09-11 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3194-1)
2024-09-11 00:00:00

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2024-43821
ubuntucve1debiancve1vulnrichment1redhatcve1osv5nvd1cve1nessus4