CVE-2024-26930

2024-05-0100:00:00

ubuntu.com

linux kernel

vulnerability

resolved

scsi

qla2xxx

double free

pointer

coverity scan

potential risk

assign null

kfree

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved: scsi:
qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported
potential risk of double free of the pointer ha->vp_map. ha->vp_map was
freed in qla2x00_mem_alloc(), and again freed in function
qla2x00_mem_free(ha). Assign NULL to vp_map and kfree take care of NULL.

OSVersionArchitecturePackageVersionFilename
ubuntu24.04noarchlinux< 6.8.0-35.35UNKNOWN
ubuntu24.04noarchlinux-aws< 6.8.0-1009.9UNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu24.04noarchlinux-azure< 6.8.0-1008.8UNKNOWN
ubuntu22.04noarchlinux-azure-6.5< anyUNKNOWN
ubuntu24.04noarchlinux-gcp< 6.8.0-1008.9UNKNOWN
ubuntu22.04noarchlinux-gcp-6.5< anyUNKNOWN
ubuntu24.04noarchlinux-gke< 6.8.0-1004.7UNKNOWN
ubuntu24.04noarchlinux-ibm< 6.8.0-1006.6UNKNOWN
ubuntu24.04noarchlinux-lowlatency< 6.8.0-35.35.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	24.04	noarch	linux	< 6.8.0-35.35	UNKNOWN
ubuntu	24.04	noarch	linux-aws	< 6.8.0-1009.9	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	24.04	noarch	linux-azure	< 6.8.0-1008.8	UNKNOWN
ubuntu	22.04	noarch	linux-azure-6.5	< any	UNKNOWN
ubuntu	24.04	noarch	linux-gcp	< 6.8.0-1008.9	UNKNOWN
ubuntu	22.04	noarch	linux-gcp-6.5	< any	UNKNOWN
ubuntu	24.04	noarch	linux-gke	< 6.8.0-1004.7	UNKNOWN
ubuntu	24.04	noarch	linux-ibm	< 6.8.0-1006.6	UNKNOWN
ubuntu	24.04	noarch	linux-lowlatency	< 6.8.0-35.35.1	UNKNOWN