CVE Alert

CVE-2024-53227

HIGH 7.8

scsi: bfa: Fix use-after-free in bfad_im_module_exit()

CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved:

scsi: bfa: Fix use-after-free in bfad_im_module_exit()

BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20
Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303

Call Trace:
 <TASK>
 dump_stack_lvl+0x95/0xe0
 print_report+0xcb/0x620
 kasan_report+0xbd/0xf0
 __lock_acquire+0x2aca/0x3a20
 lock_acquire+0x19b/0x520
 _raw_spin_lock+0x2b/0x40
 attribute_container_unregister+0x30/0x160
 fc_release_transport+0x19/0x90 [scsi_transport_fc]
 bfad_im_module_exit+0x23/0x60 [bfa]
 bfad_init+0xdb/0xff0 [bfa]
 do_one_initcall+0xdc/0x550
 do_init_module+0x22d/0x6b0
 load_module+0x4e96/0x5ff0
 init_module_from_file+0xcd/0x130
 idempotent_init_module+0x330/0x620
 __x64_sys_finit_module+0xb3/0x110
 do_syscall_64+0xc1/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
 </TASK>

Allocated by task 25303:
 kasan_save_stack+0x24/0x50
 kasan_save_track+0x14/0x30
 __kasan_kmalloc+0x7f/0x90
 fc_attach_transport+0x4f/0x4740 [scsi_transport_fc]
 bfad_im_module_init+0x17/0x80 [bfa]
 bfad_init+0x23/0xff0 [bfa]
 do_one_initcall+0xdc/0x550
 do_init_module+0x22d/0x6b0
 load_module+0x4e96/0x5ff0
 init_module_from_file+0xcd/0x130
 idempotent_init_module+0x330/0x620
 __x64_sys_finit_module+0xb3/0x110
 do_syscall_64+0xc1/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Freed by task 25303:
 kasan_save_stack+0x24/0x50
 kasan_save_track+0x14/0x30
 kasan_save_free_info+0x3b/0x60
 __kasan_slab_free+0x38/0x50
 kfree+0x212/0x480
 bfad_im_module_init+0x7e/0x80 [bfa]
 bfad_init+0x23/0xff0 [bfa]
 do_one_initcall+0xdc/0x550
 do_init_module+0x22d/0x6b0
 load_module+0x4e96/0x5ff0
 init_module_from_file+0xcd/0x130
 idempotent_init_module+0x330/0x620
 __x64_sys_finit_module+0xb3/0x110
 do_syscall_64+0xc1/0x1d0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Above issue happens as follows:

bfad_init
  error = bfad_im_module_init()
    fc_release_transport(bfad_im_scsi_transport_template);
  if (error)
    goto ext;

ext:
  bfad_im_module_exit();
    fc_release_transport(bfad_im_scsi_transport_template);
    --> Trigger double release

Don't call bfad_im_module_exit() if bfad_im_module_init() failed.
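The double release described above, reduced to a userspace C model. This is an added example, not the kernel's code: the model_* names, the live flag standing in for the kmalloc'd template, and the injected failure are assumptions of the model.

```c
#include <stdio.h>

/* Userspace model: "live" stands in for a kmalloc'd transport template. */
struct tmpl { int live; };

static struct tmpl slot;      /* models bfad_im_scsi_transport_template */
static int stale_releases;    /* releases of an already-released template */

static struct tmpl *model_attach(void) { slot.live = 1; return &slot; }

static void model_release(struct tmpl *t)
{
    if (!t->live) {           /* the kernel would touch freed memory here */
        stale_releases++;
        return;
    }
    t->live = 0;
}

/* Models bfad_im_module_init(): on failure it releases its own template. */
static int model_im_module_init(int fail)
{
    struct tmpl *t = model_attach();
    if (fail) {               /* constructed failure injection */
        model_release(t);
        return -1;
    }
    return 0;
}

/* Models bfad_im_module_exit(): releases the template unconditionally. */
static void model_im_module_exit(void) { model_release(&slot); }

/* Models bfad_init(); exit_on_init_failure=1 is the pre-fix "goto ext" flow.
 * Returns how many times an already-released template was released again. */
int model_bfad_init(int fail, int exit_on_init_failure)
{
    stale_releases = 0;
    if (model_im_module_init(fail)) {
        if (exit_on_init_failure)
            model_im_module_exit();   /* second release of the template */
        return stale_releases;
    }
    model_im_module_exit();           /* later module unload, folded into the model */
    return stale_releases;
}

int main(void)
{
    printf("pre-fix, init fails:  %d stale release(s)\n", model_bfad_init(1, 1));
    printf("post-fix, init fails: %d stale release(s)\n", model_bfad_init(1, 0));
    printf("init succeeds:        %d stale release(s)\n", model_bfad_init(0, 1));
    return 0;
}
```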

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Dec 27, 2024
Last Updated May 11, 2026

Affected Versions

Linux / Linux
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < 0ceac8012d3ddea3317f0d82934293d05feb8af1
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < 3932c753f805a02e9364a4c58b590f21901f8490
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < ef2c2580189ea88a0dcaf56eb3a565763a900edb
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < e76181a5be90abcc3ed8a300bd13878aa214d022
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < 8f5a97443b547b4c83f876f1d6a11df0f1fd4efb
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < c28409f851abd93b37969cac7498828ad533afd9
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < 1ffdde30a90bf8efe8f270407f486706962b3292
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < a2b5035ab0e368e8d8a371e27fbc72f133c0bd40
7725ccfda59715ecf8f99e3b520a0b84cc2ea79e < 178b8f38932d635e90f5f0e9af1986c6f4a89271
Linux / Linux
2.6.32

References

git.kernel.org: https://git.kernel.org/stable/c/0ceac8012d3ddea3317f0d82934293d05feb8af1
git.kernel.org: https://git.kernel.org/stable/c/3932c753f805a02e9364a4c58b590f21901f8490
git.kernel.org: https://git.kernel.org/stable/c/ef2c2580189ea88a0dcaf56eb3a565763a900edb
git.kernel.org: https://git.kernel.org/stable/c/e76181a5be90abcc3ed8a300bd13878aa214d022
git.kernel.org: https://git.kernel.org/stable/c/8f5a97443b547b4c83f876f1d6a11df0f1fd4efb
git.kernel.org: https://git.kernel.org/stable/c/c28409f851abd93b37969cac7498828ad533afd9
git.kernel.org: https://git.kernel.org/stable/c/1ffdde30a90bf8efe8f270407f486706962b3292
git.kernel.org: https://git.kernel.org/stable/c/a2b5035ab0e368e8d8a371e27fbc72f133c0bd40
git.kernel.org: https://git.kernel.org/stable/c/178b8f38932d635e90f5f0e9af1986c6f4a89271
lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html