Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Qla2xxx SCSI Driver Null Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's QLogic Fibre Channel driver (qla2xxx) has been addressed. The issue, identified by the Klocwork static analysis tool, involved a potential null pointer dereference. Specifically, the 'rport' pointer, obtained from the 'fc_bsg_to_rport()' function, could be NULL and was being dereferenced without proper validation. This vulnerability has been fixed by adding a check to ensure 'rport' is valid before dereferencing it.

Impact

Exploitation of this vulnerability could lead to a null pointer dereference, causing a kernel crash and disrupting system operations.

Reproduction

The vulnerability can be reproduced by sending a SCSI command that triggers the 'FC_BSG_RPT_ELS' message code in the QLogic Fibre Channel driver. The 'fc_bsg_to_rport()' function will return a NULL 'rport', which will then be dereferenced, leading to a crash.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: Sep 15, 2025, 3:32 PM
Updated: Sep 15, 2025, 3:32 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
0.5
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.