发布于3月6日3月6日 Members Red Hat: CVE-2024-35930: kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/19/2024 Created 08/13/2024 Added 08/12/2024 Modified 12/05/2024 Description In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status.In such cases, the elsiocb is not issued, the completion is not called, and thus the elsiocb resource is leaked. Check return value after calling lpfc_sli4_resume_rpi() and conditionally release the elsiocb resource. Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2024-35930 RHSA-2024:5101 RHSA-2024:5102 RHSA-2024:9315
