CVE-2024-49891

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-49891
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49891.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-49891
Downstream
Related
Published
2024-10-21T18:15:11Z
Modified
2025-08-09T20:01:26Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths

When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfcsliflushiorings(), lpfcdevlosstmocallbk(), or lpfcaborthandler().

Add NULL ptr checks before dereferencing hdwq pointers that may have been freed due to operations colliding with a reset or errata event handler.

References

Affected packages