[SRU][N][PATCH 0/1] CVE-2024-53227
Bethany Jamison
bethany.jamison at canonical.com
Tue Feb 11 21:57:09 UTC 2025
[Impact]
scsi: bfa: Fix use-after-free in bfad_im_module_exit()
There is a slab-use-after-free read of size 8 in __lock_acquire.
This issue happens as follows:
bfad_init
error = bfad_im_module_init()
fc_release_transport(bfad_im_scsi_transport_template);
if (error)
goto ext;
ext:
bfad_im_module_exit();
fc_release_transport(bfad_im_scsi_transport_template);
--> Trigger double release
Don't call bfad_im_module_exit() if bfad_im_module_init() failed.
[Fix]
Oracular: pending (6.11.0-17.17)
Noble: Clean cherry-pick from linux-6.11.y
Jammy: pending
Focal: pending
Bionic: fix sent to esm ML
Xenial: fix sent to esm ML
Trusty: won't fix as it is not critical
[Test Case]
Compile tested, lack hardware for further testing.
[Where problems could occur]
This fix affects those who use the QLogic BR-series Fibre Channel Host
Bus Adapter driver, an issue with this fix would be visible to the user
via unexpected system behavior.
Ye Bin (1):
scsi: bfa: Fix use-after-free in bfad_im_module_exit()
drivers/scsi/bfa/bfad.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list