Linux Kernel QLogic FastLinQ Offload FCoE Driver NULL Dereference Vulnerability

A NULL dereference vulnerability has been identified in the Linux kernel's QLogic FastLinQ offload FCoE driver framework, specifically within the SCSI qedf driver. This issue arises in the 'qedf_alloc_global_queues' function, where error handling improperly manages the allocation of global queue addresses. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to a NULL pointer dereference, causing a crash or undefined behavior in the kernel.

Reproduction

The vulnerability can be reproduced by loading the QLogic FastLinQ offload FCoE driver framework with an uninitialized 'p_cpuq' parameter. This condition triggers the 'qedf_alloc_global_queues' function to return an error without properly allocating the 'global_queues'. Consequently, if 'qedf_free_global_queues' is called, it will attempt to access a NULL pointer, leading to a dereference error.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched.