CVE-2024-49852
Published: Oct 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() The kref_put() function will call nport->release if the refcount drops to zero. The nport->release release function is _efc_nport_free() which frees "nport". But then we dereference "nport" on the next line which is a use after free. Re-order these lines to avoid the use after free.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected fcd427303eb90aa3cb08e7e0b68e0e67a6d47346 - < 16a570f07d870a285b0c0b0d1ca4dff79e8aa5ffaffected fcd427303eb90aa3cb08e7e0b68e0e67a6d47346 - < abc71e89170ed32ecf0a5a29f31aa711e143e941affected fcd427303eb90aa3cb08e7e0b68e0e67a6d47346 - < baeb8628ab7f4577740f00e439d3fdf7c876b0ffaffected fcd427303eb90aa3cb08e7e0b68e0e67a6d47346 - < 7c2908985e4ae0ea1b526b3916de9e5351650908affected fcd427303eb90aa3cb08e7e0b68e0e67a6d47346 - < 98752fcd076a8cbc978016eae7125b4971be1eec+1 more versions |
Linux | Linux | affected 5.14unaffected 0 - < 5.14unaffected 5.15.168 - <= 5.15.*unaffected 6.1.113 - <= 6.1.*unaffected 6.6.54 - <= 6.6.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now