CVE-2024-43821
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-43821
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43821.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-43821
- Downstream
- Related
- Published
- 2024-08-17T09:21:42Z
- Modified
- 2025-10-17T10:22:08.512817Z
- Summary
- scsi: lpfc: Fix a possible null pointer dereference
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Fix a possible null pointer dereference
In function lpfcxcvrdatashow, the memory allocation with kmalloc might fail, thereby making rdpcontext a null pointer. In the following context and functions that use this pointer, there are dereferencing operations, leading to null pointer dereference.
To fix this issue, a null pointer check should be added. If it is null, use scnprintf to notify the user and return len.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced479b0917e4477f49df2e3be454aac3cfa5dec171Fixed57600a7dd2b52c904f7c8d2cac0fd8c23868e680
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced479b0917e4477f49df2e3be454aac3cfa5dec171Fixed45b2a23e00d448a9e6d1f371ca3a4d4b073fe78c
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced479b0917e4477f49df2e3be454aac3cfa5dec171Fixed5e0bf3e8aec2cbc51123f84b29aaacbd91fc56fa
Affected versions
v6.*
v6.1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"id": "CVE-2024-43821-6d99e31b",
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "drivers/scsi/lpfc/lpfc_attr.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5e0bf3e8aec2cbc51123f84b29aaacbd91fc56fa",
"digest": {
"threshold": 0.9,
"line_hashes": [
"36970859384765345623867570123839047879",
"136473902747574616721569182295696950454",
"242773057811663407854193676955310266009",
"224405354381788500986282837980454677560"
]
},
"deprecated": false
},
{
"id": "CVE-2024-43821-76bbbd15",
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "drivers/scsi/lpfc/lpfc_attr.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57600a7dd2b52c904f7c8d2cac0fd8c23868e680",
"digest": {
"threshold": 0.9,
"line_hashes": [
"36970859384765345623867570123839047879",
"136473902747574616721569182295696950454",
"242773057811663407854193676955310266009",
"224405354381788500986282837980454677560"
]
},
"deprecated": false
},
{
"id": "CVE-2024-43821-90c1f71a",
"signature_type": "Function",
"signature_version": "v1",
"target": {
"function": "lpfc_xcvr_data_show",
"file": "drivers/scsi/lpfc/lpfc_attr.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57600a7dd2b52c904f7c8d2cac0fd8c23868e680",
"digest": {
"function_hash": "73710803711532879181810466088457949342",
"length": 3804.0
},
"deprecated": false
},
{
"id": "CVE-2024-43821-97343df2",
"signature_type": "Function",
"signature_version": "v1",
"target": {
"function": "lpfc_xcvr_data_show",
"file": "drivers/scsi/lpfc/lpfc_attr.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5e0bf3e8aec2cbc51123f84b29aaacbd91fc56fa",
"digest": {
"function_hash": "73710803711532879181810466088457949342",
"length": 3804.0
},
"deprecated": false
},
{
"id": "CVE-2024-43821-b8c66461",
"signature_type": "Function",
"signature_version": "v1",
"target": {
"function": "lpfc_xcvr_data_show",
"file": "drivers/scsi/lpfc/lpfc_attr.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45b2a23e00d448a9e6d1f371ca3a4d4b073fe78c",
"digest": {
"function_hash": "73710803711532879181810466088457949342",
"length": 3804.0
},
"deprecated": false
},
{
"id": "CVE-2024-43821-e671dbab",
"signature_type": "Line",
"signature_version": "v1",
"target": {
"file": "drivers/scsi/lpfc/lpfc_attr.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@45b2a23e00d448a9e6d1f371ca3a4d4b073fe78c",
"digest": {
"threshold": 0.9,
"line_hashes": [
"36970859384765345623867570123839047879",
"136473902747574616721569182295696950454",
"242773057811663407854193676955310266009",
"224405354381788500986282837980454677560"
]
},
"deprecated": false
}
]