Linux Kernel qla2xxx SCSI Driver Denial-of-Service Vulnerability During Module Unload

Vulnerability

A denial-of-service vulnerability has been identified in the Linux kernel's qla2xxx SCSI driver. The issue arises during module load and unload tests, where the driver improperly frees a pre-allocated structure. This mismanagement leads to a system crash, as evidenced by a call trace showing the sequence of operations that preceded the failure.

Impact

The vulnerability causes a system crash, disrupting normal operations and potentially leading to a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel qla2xxx SCSI Driver Denial-of-Service Vulnerability During Module Unload

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating