CVE-2024-35930

Published: May 19, 2024Modified: May 12, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is not called, and thus the elsiocb resource is leaked. Check return value after calling lpfc_sli4_resume_rpi() and conditionally release the elsiocb resource.

Affected (8)

Products: Linux: Linux Kernel · Debian: Debian Linux

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 4.19.312
Linux Linux Kernel	From 4.20 to 5.4.274
Linux Linux Kernel	From 5.11 to 5.15.155
Linux Linux Kernel	From 5.16 to 6.1.86
Linux Linux Kernel	From 5.5 to 5.10.215
Linux Linux Kernel	From 6.2 to 6.6.27
Linux Linux Kernel	From 6.7 to 6.8.6

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (19)

https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.