In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsitask use after free Commit d39df158518c ("scsi: iscsi: Have abort handler get ref to conn") added iscsigetconn()/iscsiputconn() calls during abort handling but then also changed the handling of the case where we detect an already completed task where we now end up doing a goto to the common put/cleanup code. This results in a iscsitask use after free, because the common cleanup code will do a put on the iscsitask. This reverts the goto and moves the iscsigetconn() to after we've checked if the iscsitask is valid.