Lucene search
LinuxVULNRICHMENT:CVE-2021-46963HistoryFeb 27, 2024 - 6:47 p.m.
CVE-2021-46963 scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
2024-02-2718:47:01
Linux
github.com
2
linux kernel
vulnerability resolved
scsi fix
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
RIP: 0010:kmem_cache_free+0xfa/0x1b0
Call Trace:
qla2xxx_mqueuecommand+0x2b5/0x2c0 [qla2xxx]
scsi_queue_rq+0x5e2/0xa40
__blk_mq_try_issue_directly+0x128/0x1d0
blk_mq_request_issue_directly+0x4e/0xb0
Fix incorrect call to free srb in qla2xxx_mqueuecommand(), as srb is now
allocated by upper layers. This fixes smatch warning of srb unintended
free.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "64a8c5018a4b",
"lessThan": "c5ab9b67d8b0",
"versionType": "git"
},
{
"status": "affected",
"version": "dea6ee717303",
"lessThan": "77509a238547",
"versionType": "git"
},
{
"status": "affected",
"version": "af2a0c51b120",
"lessThan": "702cdaa2c628",
"versionType": "git"
},
{
"status": "affected",
"version": "af2a0c51b120",
"lessThan": "80ef24175df2",
"versionType": "git"
},
{
"status": "affected",
"version": "af2a0c51b120",
"lessThan": "a73208e32441",
"versionType": "git"
},
{
"status": "affected",
"version": "af2a0c51b120",
"lessThan": "6641df81ab79",
"versionType": "git"
}
],
"programFiles": [
"drivers/scsi/qla2xxx/qla_os.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "5.5",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.19.191",
"versionType": "custom",
"lessThanOrEqual": "4.19.*"
},
{
"status": "unaffected",
"version": "5.4.118",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.36",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.11.20",
"versionType": "custom",
"lessThanOrEqual": "5.11.*"
},
{
"status": "unaffected",
"version": "5.12.3",
"versionType": "custom",
"lessThanOrEqual": "5.12.*"
},
{
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/scsi/qla2xxx/qla_os.c"
],
"defaultStatus": "affected"
}
]References
git.kernel.org/stable/c/6641df81ab799f28a5d564f860233dd26cca0d93
git.kernel.org/stable/c/702cdaa2c6283c135ef16d52e0e4e3c1005aa538
git.kernel.org/stable/c/77509a238547863040a42d57c72403f7d4c89a8f
git.kernel.org/stable/c/80ef24175df2cba3860d0369d1c662b49ee2de56
git.kernel.org/stable/c/a73208e3244127ef9f2cdf24e4adb947aaa32053
git.kernel.org/stable/c/c5ab9b67d8b061de74e2ca51bf787ee599bd7f89
Related
prion
prion
Spoofing
2024-02-27 19:04:00
nvd
nvd
CVE-2021-46963
2024-02-27 19:04:07
debiancve
debiancve
CVE-2021-46963
2024-02-27 19:04:07
ubuntucve
ubuntucve
CVE-2021-46963
2024-02-27 00:00:00
cvelist
cvelist
CVE-2021-46963 scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()
2024-02-27 18:47:01
redhatcve
redhatcve
CVE-2021-46963
2024-02-29 07:02:32
cve
cve
CVE-2021-46963
2024-02-27 19:04:07
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-004)
2022-05-02 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
2024-04-29 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-002)
2022-05-02 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1489-1)
2024-08-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1643-1)
2024-05-15 00:00:00
AI Score
6.7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2021-46963