CVE-2024-35930

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is not called, and thus the elsiocb resource is leaked. Check return value after calling lpfc_sli4_resume_rpi() and conditionally release the elsiocb resource.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf	Patch
https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b	Patch
https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f	Patch
https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7	Patch
https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a	Patch
https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8	Patch
https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8	Patch
https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f	Patch
https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf	Patch
https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b	Patch
https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f	Patch
https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7	Patch
https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a	Patch
https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8	Patch
https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8	Patch
https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f	Patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html	Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html	Mailing List
https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

12 May 2026, 12:16

Type	Values Removed	Values Added
References		() https://cert-portal.siemens.com/productcert/html/ssa-265688.html -

30 Dec 2024, 19:52

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:debian:debian_linux:10.0:::::::*
References	~~() https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf -~~	() https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf - Patch
References	~~() https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b -~~	() https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b - Patch
References	~~() https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f -~~	() https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f - Patch
References	~~() https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7 -~~	() https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7 - Patch
References	~~() https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a -~~	() https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a - Patch
References	~~() https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8 -~~	() https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8 - Patch
References	~~() https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8 -~~	() https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8 - Patch
References	~~() https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f -~~	() https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f - Patch
References	~~() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -~~	() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html - Mailing List
References	~~() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -~~	() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux linux Kernel Linux Debian debian Linux Debian
CWE		CWE-401

21 Nov 2024, 09:21

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html - () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -
References	~~() https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf -~~	() https://git.kernel.org/stable/c/07a2aa674fca679316b8ac51440adb895b53a7cf -
References	~~() https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b -~~	() https://git.kernel.org/stable/c/2ae917d4bcab80ab304b774d492e2fcd6c52c06b -
References	~~() https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f -~~	() https://git.kernel.org/stable/c/3320126ed3afbc11934502319b340f91a4d61c8f -
References	~~() https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7 -~~	() https://git.kernel.org/stable/c/7849e6f8410da96384e3d1f6b6d730f095142dc7 -
References	~~() https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a -~~	() https://git.kernel.org/stable/c/c473288f27d15014447de5a891bdf22a0695847a -
References	~~() https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8 -~~	() https://git.kernel.org/stable/c/e2cd32435b1dff3d63759476a3abc878e02fb6c8 -
References	~~() https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8 -~~	() https://git.kernel.org/stable/c/edf82aa7e9eb864a09229392054d131b34a5c9e8 -
References	~~() https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f -~~	() https://git.kernel.org/stable/c/ee0b5f96b6d66a1e6698228dcb41df11ec7f352f -

05 Nov 2024, 10:16

Type	Values Removed	Values Added
References	~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~

27 Jun 2024, 12:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -

25 Jun 2024, 23:15

Type	Values Removed	Values Added
References		() https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: lpfc: corrige una posible pérdida de memoria en lpfc_rcv_padisc() La llamada a lpfc_sli4_resume_rpi() en lpfc_rcv_padisc() puede devolver un estado fallido. En tales casos, no se emite elsiocb, no se llama a la finalización y, por lo tanto, se filtra el recurso elsiocb. Verifique el valor de retorno después de llamar a lpfc_sli4_resume_rpi() y libere condicionalmente el recurso elsiocb.

19 May 2024, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-19 11:15

Updated : 2026-06-17 07:35

NVD link : CVE-2024-35930

Mitre link : CVE-2024-35930

CVE.ORG link : CVE-2024-35930

JSON object : View

Products Affected

debian

debian_linux

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10