2 matches found
CVE-2021-46963
CVE-2021-46963 affects the Linux kernel SCSI qla2xxx driver, where a crash occurred due to an incorrect free of the srb in qla2xxx_mqueuecommand(); srb is now allocated by upper layers. The fix resolves the crash (impact: HIGH availability) by correcting the free path. The cited advisories (SUSE/...
CVE-2022-50493
CVE-2022-50493 is a Linux kernel vulnerability affecting the qla2xxx SCSI path. The issue caused a crash during CPU hotplug when an I/O abort timed out, where completion could be invoked without confirming the I/O’s completion. The advisory fixes to ensure I/O and abort requests are still outstan...