CVE-2024-49891

Published: Oct 21, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk(), or lpfc_abort_handler(). Add NULL ptr checks before dereferencing hdwq pointers that may have been freed due to operations colliding with a reset or errata event handler.

Vendor	Product	Versions
Linux	Linux	affected `895427bd012ce5814fc9888c7c0ee9de44761833 - < 5873aa7f814754085d418848b2089ef406a02dd0` affected `895427bd012ce5814fc9888c7c0ee9de44761833 - < 232a138bd843d48cb2368f604646d990db7640f3` affected `895427bd012ce5814fc9888c7c0ee9de44761833 - < 99a801e2fca39a6f31e543fc3383058a8955896f` affected `895427bd012ce5814fc9888c7c0ee9de44761833 - < fd665c8dbdb19548965b0ae80c490de00e906366` affected `895427bd012ce5814fc9888c7c0ee9de44761833 - < 2be1d4f11944cd6283cb97268b3e17c4424945ca`
Linux	Linux	affected `4.11` unaffected `0 - < 4.11` unaffected `6.1.120 - <= 6.1.` unaffected `6.6.64 - <= 6.6.` unaffected `6.10.14 - <= 6.10.*` +2 more versions

References

https://git.kernel.org/stable/c/5873aa7f814754085d418848b2089ef406a02dd0

https://git.kernel.org/stable/c/232a138bd843d48cb2368f604646d990db7640f3

https://git.kernel.org/stable/c/99a801e2fca39a6f31e543fc3383058a8955896f

https://git.kernel.org/stable/c/fd665c8dbdb19548965b0ae80c490de00e906366

https://git.kernel.org/stable/c/2be1d4f11944cd6283cb97268b3e17c4424945ca

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-49891

Description

Affected Products

References