31 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: A memory leak has been fixed in the error path of qla2x00processels. The commit number is 8c0eb596baa5 “SCSI qla2xxx: Fix a memory leak in an error path of qla2x00processels”. The intended changes were to modify th...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid dereferencing the fcport pointer. Klocwork reported a warning that a NULL pointer might be dereferenced. The routine exits when saCTL is NULL and fcport is allocated after the exit call. This causes the NULL...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The issue of double-free of the fcport has been completely fixed. In the function qla24xxelsdcmdiocb, sp-free is set to qla2x00elsdcmdspfree. When an error occurs, this function is called by qla2x00sprelease. Durin...
SUSE CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
EUVD-2026-28720
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
UBUNTU-CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
CVE-2026-43414
CVE-2026-43414 affects the Linux kernel SCSI driver qla2xxx (fcport handling). The issue is a double-free of a Fibre Channel port object in qla24xx_els_dcmd_iocb() via qla2x00_els_dcmd_sp_free() after kref_put(), leading to potential memory corruption and system instability or DoS as described by...
CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function qla2x00elsdcmdspfree, where the fcport variable is released twice after the krefput...
PT-2026-39075
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the scsi qla2xxx driver. In the qla24xx els dcmd iocb function, sp-free is assigned to qla2x00 els dcmd sp free. When an error occurs, this function is...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989305)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989305 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00processels Commit 8c0eb596baa5 SCSI...
EUVD-2023-60005
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdmav40ip is shared on a few asics, but in sdmav40hwfini, driver unconditionally disables eccirq which is only enabled on those asics enabling sdma ecc. Th...
CVE-2023-53603
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sactl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to...
CVE-2023-53603 scsi: qla2xxx: Avoid fcport pointer dereference
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sactl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to...
CVE-2023-53603
CVE-2023-53603 affects the Linux kernel SCSI QLA2XXX path. The issue is a potential NULL pointer dereference where a fcport pointer may be dereferenced if sa_ctl is NULL and fcport is allocated after an exit path. The documented fix is to exit the routine when sa_ctl is NULL, preventing the NULL ...
CVE-2023-53603 scsi: qla2xxx: Avoid fcport pointer dereference
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sactl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to...
PT-2025-40766
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the qla2xxx SCSI driver where a NULL pointer dereference may occur. Specifically, the issue arises when the sa ctl variable is NULL, and the fcport...
kernel: scsi: qla2xxx: Fix double free of fcport
No description is available for this CVE...