CISA-2021-47198
Reported by Linux · Published April 10, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b" The NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the flag is not cleared upon completion of the login. This allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set to LPFC_RPI_ALLOW_ERROR. This results in a use after free access when used as an rpi_ids array index. Fix by clearing the NLP_REG_LOGIN_SEND nlp_flag in lpfc_mbx_cmpl_fc_reg_login().
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | fe83e3b9b422ac8ece2359c7b7290efe7f0335a2, fe83e3b9b422ac8ece2359c7b7290efe7f0335a2 |
| Linux | Linux | 5.14, 0, 5.15.5 |
| Linux | Linux | 5.16, fe83e3b9b422ac8ece2359c7b7290efe7f0335a2, 5.14 |
| linux | linux_kernel | 5.14, 5.14, 5.14 |
Timeline
- Apr 10, 2024 CVE Published
- Dec 18, 2025 CVE Updated