CVE-2024-49852

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-49852
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49852.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-49852
Downstream
Related
Published
2024-10-21T12:18:45.418Z
Modified
2026-03-20T12:38:07.715085Z
Summary
scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: elx: libefc: Fix potential use after free in efcnportvport_del()

The krefput() function will call nport->release if the refcount drops to zero. The nport->release release function is efcnportfree() which frees "nport". But then we dereference "nport" on the next line which is a use after free. Re-order these lines to avoid the use after free.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49852.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
fcd427303eb90aa3cb08e7e0b68e0e67a6d47346
Fixed
16a570f07d870a285b0c0b0d1ca4dff79e8aa5ff
Fixed
abc71e89170ed32ecf0a5a29f31aa711e143e941
Fixed
baeb8628ab7f4577740f00e439d3fdf7c876b0ff
Fixed
7c2908985e4ae0ea1b526b3916de9e5351650908
Fixed
98752fcd076a8cbc978016eae7125b4971be1eec
Fixed
2e4b02fad094976763af08fec2c620f4f8edd9ae

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49852.json"