CVE-2024-26930

high

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function qla2x00_mem_free(ha). Assign NULL to vp_map and kfree take care of NULL.

References

https://git.kernel.org/stable/c/f14cee7a882cb79528f17a2335f53e9fd1848467

https://git.kernel.org/stable/c/e288285d47784fdcf7c81be56df7d65c6f10c58b

https://git.kernel.org/stable/c/b7deb675d674f44e0ddbab87fee8f9f098925e73

https://git.kernel.org/stable/c/825d63164a2e6bacb059a9afb5605425b485413f

Details

Source: Mitre, NVD

Published: 2024-05-01

Updated: 2024-05-23

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High