Release Date: | 2024-08-17 |
In the Linux kernel, the following vulnerability has been resolved:\nscsi: qla2xxx: During vport delete send async logout explicitly\nDuring vport delete, it is observed that during unload we hit a crash\nbecause of stale entries in outstanding command array. For all these stale\nI/O entries, eh_abort was issued and aborted (fast_fail_io = 2009h) but\nI/Os could not complete while vport delete is in process of deleting.\nBUG: kernel NULL pointer dereference, address: 000000000000001c\n#PF: supervisor read access in kernel mode\n#PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nWorkqueue: qla2xxx_wq qla_do_work [qla2xxx]\nRIP: 0010:dma_direct_unmap_sg+0x51/0x1e0\nRSP: 0018:ffffa1e1e150fc68 EFLAGS: 00010046\nRAX: 0000000000000000 RBX: 0000000000000021 RCX: 0000000000000001\nRDX: 0000000000000021 RSI: 0000000000000000 RDI: ffff8ce208a7a0d0\nRBP: ffff8ce208a7a0d0 R08: 0000000000000000 R09: ffff8ce378aac9c8\nR10: ffff8ce378aac8a0 R11: ffffa1e1e150f9d8 R12: 0000000000000000\nR13: 0000000000000000 R14: ffff8ce378aac9c8 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff8d217f000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000000000001c CR3: 0000002089acc000 CR4: 0000000000350ee0\nCall Trace:\n
See more information about CVE-2024-42289 from MITRE CVE dictionary and NIST NVD
NOTE: The following CVSS metrics and score provided are preliminary and subject to review.
Base Score: | 5.5 |
Vector String: | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Version: | 3.1 |
Attack Vector: | Local |
Attack Complexity: | Low |
Privileges Required: | Low |
User Interaction: | None |
Scope: | Unchanged |
Confidentiality: | None |
Integrity: | None |
Availability: | High |
Platform | Errata | Release Date |
Oracle Linux version 7 (kernel-uek) | ELSA-2024-12780 | 2024-10-11 |
Oracle Linux version 7 (kernel-uek) | ELSA-2024-12782 | 2024-10-14 |
Oracle Linux version 7 (kernel-uek) | ELSA-2024-12868 | 2024-12-06 |
Oracle Linux version 8 (kernel-uek) | ELSA-2024-12682 | 2024-09-23 |
Oracle Linux version 8 (kernel-uek) | ELSA-2024-12780 | 2024-10-11 |
Oracle Linux version 8 (kernel-uek) | ELSA-2024-12782 | 2024-10-14 |
Oracle Linux version 9 (kernel-uek) | ELSA-2024-12682 | 2024-09-23 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections: