Primary

Context

Linux Kernel SCSI QLA2XXX Driver Null Pointer Dereference Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's SCSI QLA2XXX driver could lead to a null pointer dereference. The issue arises because the function 'fc_bsg_to_rport()' may return a null value, which is not properly checked before being dereferenced. This flaw was highlighted by a Klocwork static analysis warning.

Impact

Exploitation of this vulnerability can cause a null pointer dereference, leading to a kernel crash.

Reproduction

The vulnerability can be reproduced by sending a Fibre Channel Block Storage Group (BSG) job that requests an ELS (Extended Link Service) message. The 'fc_bsg_to_rport()' function will be called to retrieve the corresponding remote port (rport). If the rport is null, it will trigger a memory allocation error and cause the function to exit prematurely, but without proper handling, this could lead to a crash.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Dec 24, 2025, 12:54 PM

Updated: Dec 24, 2025, 12:54 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

1.7

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

1.7

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SCSI QLA2XXX Driver Null Pointer Dereference Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating