In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
Commit 8c0eb596baa5 (“[SCSI] qla2xxx: Fix a memory leak in an error path of
qla2x00_process_els()”), intended to change:
bsg_job->request->msgcode == FC_BSG_HST_ELS_NOLOGIN
bsg_job->request->msgcode != FC_BSG_RPT_ELS
but changed it to:
bsg_job->request->msgcode == FC_BSG_RPT_ELS
instead.
Change the == to a != to avoid leaking the fcport structure or freeing
unallocated memory.
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/scsi/qla2xxx/qla_bsg.c"
],
"versions": [
{
"version": "8c0eb596baa5",
"lessThan": "96f0aebf29be",
"status": "affected",
"versionType": "git"
},
{
"version": "8c0eb596baa5",
"lessThan": "a7fbb56e6c94",
"status": "affected",
"versionType": "git"
},
{
"version": "8c0eb596baa5",
"lessThan": "7fb223d0ad80",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/scsi/qla2xxx/qla_bsg.c"
],
"versions": [
{
"version": "3.11",
"status": "affected"
},
{
"version": "0",
"lessThan": "3.11",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.76",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.15",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]