Message-ID: <2025102210-CVE-2023-53696-dadf@gregkh>
Date: Wed, 22 Oct 2025 15:24:35 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2023-53696: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
From: Greg Kroah-Hartman <gregkh@...nel.org>
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix memory leak in qla2x00_probe_one()
There is a memory leak reported by kmemleak:
  unreferenced object 0xffffc900003f0000 (size 12288):
    comm "modprobe", pid 19117, jiffies 4299751452 (age 42490.264s)
    hex dump (first 32 bytes):
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
      00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
    backtrace:
      [<00000000629261a8>] __vmalloc_node_range+0xe56/0x1110
      [<0000000001906886>] __vmalloc_node+0xbd/0x150
      [<000000005bb4dc34>] vmalloc+0x25/0x30
      [<00000000a2dc1194>] qla2x00_create_host+0x7a0/0xe30 [qla2xxx]
      [<0000000062b14b47>] qla2x00_probe_one+0x2eb8/0xd160 [qla2xxx]
      [<00000000641ccc04>] local_pci_probe+0xeb/0x1a0
The root cause is traced to an error-handling path in qla2x00_probe_one()
when initialization of the adapter "base_vha" failed. The fab_scan_rp "scan.l" is
used to record the port information and it is allocated in
qla2x00_create_host(). However, it is not released in the error handling
path "probe_failed".
Fix this by freeing the memory of "scan.l" when an error occurs in the
adapter initialization process.
The Linux kernel CVE team has assigned CVE-2023-53696 to this issue.
Affected and fixed versions
===========================
Issue introduced in 4.16 with commit a4239945b8ad112fb914d0605c8f6c5fd3330f61 and fixed in 5.15.107 with commit ae73c4dd48f2c79d515d509a0cbe9efb0a197f44
Issue introduced in 4.16 with commit a4239945b8ad112fb914d0605c8f6c5fd3330f61 and fixed in 6.1.24 with commit 44374911ac63f769c442f56fdfadea673c5f4425
Issue introduced in 4.16 with commit a4239945b8ad112fb914d0605c8f6c5fd3330f61 and fixed in 6.2.11 with commit 582e35e97318ccd9c81774bac08938291679525f
Issue introduced in 4.16 with commit a4239945b8ad112fb914d0605c8f6c5fd3330f61 and fixed in 6.3 with commit 85ade4010e13ef152ea925c74d94253db92e5428
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2023-53696
will be updated if fixes are backported; please check it for the most
up-to-date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
drivers/scsi/qla2xxx/qla_os.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If, however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/ae73c4dd48f2c79d515d509a0cbe9efb0a197f44
https://git.kernel.org/stable/c/44374911ac63f769c442f56fdfadea673c5f4425
https://git.kernel.org/stable/c/582e35e97318ccd9c81774bac08938291679525f
https://git.kernel.org/stable/c/85ade4010e13ef152ea925c74d94253db92e5428
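
The error-path leak described above, modeled in userspace C as an added example (this is not the driver's code or the upstream patch). All names (probe_one, create_host, scan_list, t_alloc, t_free, live_allocs) are hypothetical; free_scan = 0 reproduces the missing release at the "probe_failed" label and free_scan = 1 models the fix.

```c
#include <stdlib.h>

/* Userspace model of the probe error path; every name is hypothetical. */
static int live_allocs;                 /* allocations not yet freed */

static void *t_alloc(size_t n)
{
    void *p = calloc(1, n);
    if (p) live_allocs++;
    return p;
}

static void t_free(void *p)
{
    if (p) { live_allocs--; free(p); }
}

struct host { void *scan_list; };       /* scan_list stands in for "scan.l" */

/* Plays the role of qla2x00_create_host(): host plus its scan list. */
static struct host *create_host(void)
{
    struct host *h = t_alloc(sizeof(*h));
    if (!h) return NULL;
    h->scan_list = t_alloc(12288);      /* size taken from the kmemleak report */
    if (!h->scan_list) { t_free(h); return NULL; }
    return h;
}

/* free_scan = 0 models the bug, 1 models the fix. fail_init forces the
 * adapter-initialization failure that sends control to probe_failed. */
static int probe_one(int fail_init, int free_scan, struct host **out)
{
    struct host *h = create_host();
    if (!h) return -1;
    if (fail_init) goto probe_failed;
    *out = h;
    return 0;

probe_failed:
    if (free_scan)
        t_free(h->scan_list);           /* the release the error path lacked */
    t_free(h);                          /* without it, scan_list is orphaned */
    return -1;
}

static void remove_one(struct host *h)
{
    t_free(h->scan_list);
    t_free(h);
}
```

The live_allocs counter plays the role kmemleak plays in the report: after a failed probe it is nonzero only when the error path skipped the scan list.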