Linux Kernel qla2xxx SCSI Driver Warning Message Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's qla2xxx SCSI driver has been addressed. The issue involved the driver generating a warning message due to a mismatch between expected and actual error code types. This discrepancy arose when an 'ADISC' command was flushed, leading to an improper error handling scenario. The vulnerability was related to the driver's asynchronous command completion process, where the error code translation was inadequate, causing potential confusion in error management.

Impact

The vulnerability could lead to improper error handling in the SCSI driver, potentially causing issues in command processing and device management.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel qla2xxx SCSI Driver Warning Message Handling Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating