Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-26930
HistoryMay 01, 2024 - 6:15 a.m.

CVE-2024-26930

2024-05-0106:15:07
CWE-415
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
6
linux kernel
vulnerability
scsi
qla2xxx
double free
pointer
ha->vp_map
coverity scan
risk
kfree
cve-2024-26930

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix double free of the ha->vp_map pointer

Coverity scan reported potential risk of double free of the pointer
ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed
in function qla2x00_mem_free(ha).

Assign NULL to vp_map and kfree take care of NULL.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<6.6.24
OR
linuxlinux_kernelRange6.76.7.12
OR
linuxlinux_kernelRange6.86.8.3
OR
linuxlinux_kernelMatch6.9rc1
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.9cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*

Related

osv 35
debiancve 1
cvelist 1
ubuntucve 1
cve 1
redhatcve 1
vulnrichment 1
cbl_mariner 1
nessus 46
openvas 9
redhat 3
ubuntu 5
osv
osv
CVE-2024-26930
2024-05-01 06:15:00
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
2024-07-12 13:35:21
Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)
2024-07-12 15:03:47
debiancve
debiancve
CVE-2024-26930
2024-05-01 06:15:07
cvelist
cvelist
CVE-2024-26930 scsi: qla2xxx: Fix double free of the ha->vp_map pointer
2024-05-01 05:17:10
ubuntucve
ubuntucve
CVE-2024-26930
2024-05-01 00:00:00
cve
cve
CVE-2024-26930
2024-05-01 06:15:07
redhatcve
redhatcve
CVE-2024-26930
2024-05-01 19:17:54
vulnrichment
vulnrichment
CVE-2024-26930 scsi: qla2xxx: Fix double free of the ha->vp_map pointer
2024-05-01 05:17:10
cbl_mariner
cbl_mariner
CVE-2024-26930 affecting package kernel for versions less than 6.6.35.1-5
2024-07-22 15:42:40
nessus
nessus
SUSE SLES15 Security Update : kernel (Live Patch 26 for SLE 15 SP4) (SUSE-SU-2024:2449-1)
2024-07-13 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 6 for SLE 15 SP5) (SUSE-SU-2024:2530-1)
2024-07-17 00:00:00
SUSE SLES15 Security Update : kernel RT (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2024:2326-1)
2024-07-09 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1978-1)
2024-06-12 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2185-1)
2024-06-29 00:00:00
Ubuntu: Security Advisory (USN-6817-3)
2024-06-17 00:00:00
redhat
redhat
(RHSA-2024:5067) Moderate: kernel-rt security update
2024-08-07 00:06:24
(RHSA-2024:5066) Moderate: kernel security update
2024-08-07 00:05:55
(RHSA-2024:5433) Important: OpenShift Container Platform 4.14.35 security update
2024-08-22 11:36:51
ubuntu
ubuntu
Linux kernel (Oracle) vulnerabilities
2024-07-04 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (OEM) vulnerabilities
2024-06-11 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2024-26930
osv35debiancve1cvelist1ubuntucve1cve1redhatcve1vulnrichment1cbl_mariner1nessus46openvas9redhat3ubuntu5