| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024102152-CVE-2024-49852-875e@gregkh> Date: Mon, 21 Oct 2024 14:18:54 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() Description =========== In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() The kref_put() function will call nport->release if the refcount drops to zero. The nport->release release function is _efc_nport_free() which frees "nport". But then we dereference "nport" on the next line which is a use after free. Re-order these lines to avoid the use after free. The Linux kernel CVE team has assigned CVE-2024-49852 to this issue. Affected and fixed versions =========================== Issue introduced in 5.14 with commit fcd427303eb9 and fixed in 5.15.168 with commit 16a570f07d87 Issue introduced in 5.14 with commit fcd427303eb9 and fixed in 6.1.113 with commit abc71e89170e Issue introduced in 5.14 with commit fcd427303eb9 and fixed in 6.6.54 with commit baeb8628ab7f Issue introduced in 5.14 with commit fcd427303eb9 and fixed in 6.10.13 with commit 7c2908985e4a Issue introduced in 5.14 with commit fcd427303eb9 and fixed in 6.11.2 with commit 98752fcd076a Issue introduced in 5.14 with commit fcd427303eb9 and fixed in 6.12-rc1 with commit 2e4b02fad094 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-49852 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/scsi/elx/libefc/efc_nport.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/16a570f07d870a285b0c0b0d1ca4dff79e8aa5ff https://git.kernel.org/stable/c/abc71e89170ed32ecf0a5a29f31aa711e143e941 https://git.kernel.org/stable/c/baeb8628ab7f4577740f00e439d3fdf7c876b0ff https://git.kernel.org/stable/c/7c2908985e4ae0ea1b526b3916de9e5351650908 https://git.kernel.org/stable/c/98752fcd076a8cbc978016eae7125b4971be1eec https://git.kernel.org/stable/c/2e4b02fad094976763af08fec2c620f4f8edd9ae
Powered by blists - more mailing lists