Linux Kernel SCSI qla2xxx Driver Lockless Command Completion Vulnerability

Vulnerability

A vulnerability in the Linux kernel's SCSI qla2xxx driver allows for lockless command completion during the abort process. This issue was observed when adding or removing the controller, leading to a warning about a potential double free in the DMA mapping layer. The vulnerability arises because commands are completed while holding a lock, which can cause inconsistencies when the driver is unloaded.

Impact

The vulnerability could lead to a use-after-free condition, where memory is freed while still in use, potentially causing memory corruption or allowing for arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SCSI qla2xxx Driver Lockless Command Completion Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating