We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56623

scsi: qla2xxx: Fix use after free on unload



Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 signals to tell dpc_thread to terminate (UNLOADING flag and kthread_stop). On setting the UNLOADING flag when dpc_thread happens to run at the time and sees the flag, this causes dpc_thread to exit and clean up itself. When kthread_stop is called for final cleanup, this causes use after free. Remove UNLOADING signal to terminate dpc_thread. Use the kthread_stop as the main signal to exit dpc_thread. [596663.812935] kernel BUG at mm/slub.c:294! [596663.812950] invalid opcode: 0000 [#1] SMP PTI [596663.812957] CPU: 13 PID: 1475935 Comm: rmmod Kdump: loaded Tainted: G IOE --------- - - 4.18.0-240.el8.x86_64 #1 [596663.812960] Hardware name: HP ProLiant DL380p Gen8, BIOS P70 08/20/2012 [596663.812974] RIP: 0010:__slab_free+0x17d/0x360 ... [596663.813008] Call Trace: [596663.813022] ? __dentry_kill+0x121/0x170 [596663.813030] ? _cond_resched+0x15/0x30 [596663.813034] ? _cond_resched+0x15/0x30 [596663.813039] ? wait_for_completion+0x35/0x190 [596663.813048] ? try_to_wake_up+0x63/0x540 [596663.813055] free_task+0x5a/0x60 [596663.813061] kthread_stop+0xf3/0x100 [596663.813103] qla2x00_remove_one+0x284/0x440 [qla2xxx]

Reserved 2024-12-27 | Published 2024-12-27 | Updated 2024-12-27 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 12f04fc8580eafb0510f805749553eb6213f323e
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before ca36d9d53745d5ec8946ef85006d4da605ea7c54
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b3e6f25176f248762a24d25ab8cf8c5e90874f80
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 15369e774f27ec790f207de87c0b541e3f90b22d
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 6abf16d3c915b2feb68c1c8b25fcb71b13f98478
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 07c903db0a2ff84b68efa1a74a4de353ea591eb0
affected

Default status
affected

5.10.231
unaffected

5.15.174
unaffected

6.1.120
unaffected

6.6.66
unaffected

6.12.5
unaffected

6.13-rc2
unaffected

References

git.kernel.org/...c/12f04fc8580eafb0510f805749553eb6213f323e

git.kernel.org/...c/ca36d9d53745d5ec8946ef85006d4da605ea7c54

git.kernel.org/...c/b3e6f25176f248762a24d25ab8cf8c5e90874f80

git.kernel.org/...c/15369e774f27ec790f207de87c0b541e3f90b22d

git.kernel.org/...c/6abf16d3c915b2feb68c1c8b25fcb71b13f98478

git.kernel.org/...c/07c903db0a2ff84b68efa1a74a4de353ea591eb0

cve.org (CVE-2024-56623)

nvd.nist.gov (CVE-2024-56623)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56623

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.