{"id":"CVE-2024-26929","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of fcport\n\nThe server was crashing after LOGO because fcport was getting freed twice.\n\n -----------[ cut here ]-----------\n kernel BUG at mm/slub.c:371!\n invalid opcode: 0000 1 SMP PTI\n CPU: 35 PID: 4610 Comm: bash Kdump: loaded Tainted: G OE --------- - - 4.18.0-425.3.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n RIP: 0010:set_freepointer.part.57+0x0/0x10\n RSP: 0018:ffffb07107027d90 EFLAGS: 00010246\n RAX: ffff9cb7e3150000 RBX: ffff9cb7e332b9c0 RCX: ffff9cb7e3150400\n RDX: 0000000000001f37 RSI: 0000000000000000 RDI: ffff9cb7c0005500\n RBP: fffff693448c5400 R08: 0000000080000000 R09: 0000000000000009\n R10: 0000000000000000 R11: 0000000000132af0 R12: ffff9cb7c0005500\n R13: ffff9cb7e3150000 R14: ffffffffc06990e0 R15: ffff9cb7ea85ea58\n FS: 00007ff6b79c2740(0000) GS:ffff9cb8f7ec0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055b426b7d700 CR3: 0000000169c18002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n kfree+0x238/0x250\n qla2x00_els_dcmd_sp_free+0x20/0x230 [qla2xxx]\n ? qla24xx_els_dcmd_iocb+0x607/0x690 [qla2xxx]\n qla2x00_issue_logo+0x28c/0x2a0 [qla2xxx]\n ? qla2x00_issue_logo+0x28c/0x2a0 [qla2xxx]\n ? kernfs_fop_write+0x11e/0x1a0\n\nRemove one of the free calls and add check for valid fcport. Also use\nfunction qla2x00_free_fcport() instead of kfree().","modified":"2026-03-23T05:08:25.152474432Z","published":"2024-05-01T06:15:07Z","withdrawn":"2025-01-07T00:54:21.885253Z","related":["ALSA-2024:6997","SUSE-SU-2024:1643-1","SUSE-SU-2024:1646-1","SUSE-SU-2024:1870-1","SUSE-SU-2024:1978-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2185-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2025:0834-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/282877633b25d67021a34169c5b5519b1d4ef65e"},{"type":"FIX","url":"https://git.kernel.org/stable/c/82f522ae0d97119a43da53e0f729275691b9c525"},{"type":"FIX","url":"https://git.kernel.org/stable/c/846fb9f112f618ec6ae181d8dae7961652574774"},{"type":"FIX","url":"https://git.kernel.org/stable/c/9b43d2884b54d415caab48878b526dfe2ae9921b"},{"type":"FIX","url":"https://git.kernel.org/stable/c/b03e626bd6d3f0684f56ee1890d70fc9ca991c04"},{"type":"FIX","url":"https://git.kernel.org/stable/c/f85af9f1aa5e2f53694a6cbe72010f754b5ff862"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2024-26929"}],"affected":[{"package":{"name":"linux","ecosystem":"Debian:11","purl":"pkg:deb/debian/linux?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.10.103-1","5.10.103-1~bpo10+1","5.10.106-1","5.10.113-1","5.10.120-1","5.10.120-1~bpo10+1","5.10.127-1","5.10.127-2","5.10.127-2~bpo10+1","5.10.136-1","5.10.140-1","5.10.148-1","5.10.149-1","5.10.149-2","5.10.158-1","5.10.158-2","5.10.162-1","5.10.178-1","5.10.178-2","5.10.178-3","5.10.179-1","5.10.179-2","5.10.179-3","5.10.179-4","5.10.179-5","5.10.191-1","5.10.197-1","5.10.205-1","5.10.205-2","5.10.209-1","5.10.209-2","5.10.216-1","5.10.218-1","5.10.221-1","5.10.223-1","5.10.46-4","5.10.46-5","5.10.70-1","5.10.70-1~bpo10+1","5.10.84-1","5.10.92-1","5.10.92-1~bpo10+1","5.10.92-2","5.13.12-1~exp1","5.13.9-1~exp1","5.13.9-1~exp2","5.14-1~exp1","5.14-1~exp2","5.14.1-1~exp1","5.14.12-1","5.14.16-1","5.14.2-1~exp1","5.14.3-1~exp1","5.14.6-1","5.14.6-2","5.14.6-3","5.14.9-1","5.14.9-2","5.14.9-2~bpo11+1","5.15-1~exp1","5.15.1-1~exp1","5.15.15-1","5.15.15-2","5.15.15-2~bpo11+1","5.15.2-1~exp1","5.15.3-1","5.15.5-1","5.15.5-2","5.15.5-2~bpo11+1","5.16.10-1","5.16.11-1","5.16.11-1~bpo11+1","5.16.12-1","5.16.12-1~bpo11+1","5.16.14-1","5.16.18-1","5.16.3-1~exp1","5.16.4-1~exp1","5.16.7-1","5.16.7-2","5.16~rc1-1~exp1","5.16~rc3-1~exp1","5.16~rc4-1~exp1","5.16~rc5-1~exp1","5.16~rc6-1~exp1","5.16~rc7-1~exp1","5.16~rc8-1~exp1","5.17.1-1~exp1","5.17.11-1","5.17.3-1","5.17.6-1","5.17~rc3-1~exp1","5.17~rc4-1~exp1","5.17~rc5-1~exp1","5.17~rc6-1~exp1","5.17~rc7-1~exp1","5.17~rc8-1~exp1","5.18-1~exp1","5.18.14-1","5.18.14-1~bpo11+1","5.18.16-1","5.18.16-1~bpo11+1","5.18.2-1","5.18.2-1~bpo11+1","5.18.5-1","5.19-1~exp1","5.19.11-1","5.19.11-1~bpo11+1","5.19.6-1","5.19~rc4-1~exp1","5.19~rc6-1~exp1","6.0-1~exp1","6.0.10-1","6.0.10-2","6.0.12-1","6.0.12-1+alpha","6.0.12-1~bpo11+1","6.0.2-1","6.0.3-1","6.0.3-1~bpo11+1","6.0.5-1","6.0.6-1","6.0.6-2","6.0.7-1","6.0.8-1","6.0~rc7-1~exp1","6.1.1-1~exp1","6.1.1-1~exp2","6.1.106-1","6.1.106-2","6.1.106-3","6.1.11-1","6.1.12-1","6.1.12-1~bpo11+1","6.1.15-1","6.1.15-1~bpo11+1","6.1.2-1~exp1","6.1.20-1","6.1.20-1~bpo11+1","6.1.20-2","6.1.20-2~bpo11+1","6.1.25-1","6.1.27-1","6.1.27-1~bpo11+1","6.1.37-1","6.1.38-1","6.1.38-2","6.1.38-2~bpo11+1","6.1.38-3","6.1.38-4","6.1.38-4~bpo11+1","6.1.4-1","6.1.52-1","6.1.55-1","6.1.55-1~bpo11+1","6.1.64-1","6.1.66-1","6.1.67-1","6.1.69-1","6.1.69-1~bpo11+1","6.1.7-1","6.1.76-1","6.1.76-1~bpo11+1","6.1.8-1","6.1.8-1+sh4","6.1.82-1","6.1.85-1","6.1.90-1","6.1.90-1~bpo11+1","6.1.94-1","6.1.94-1~bpo11+1","6.1.98-1","6.1.99-1","6.10-1~exp1","6.10.1-1~exp1","6.10.3-1","6.10.4-1","6.10.6-1","6.10.6-1~bpo12+1","6.10.7-1","6.10.9-1","6.11~rc4-1~exp1","6.11~rc5-1~exp1","6.1~rc3-1~exp1","6.1~rc5-1~exp1","6.1~rc6-1~exp1","6.1~rc7-1~exp1","6.1~rc8-1~exp1","6.3.1-1~exp1","6.3.11-1","6.3.2-1~exp1","6.3.4-1~exp1","6.3.5-1~exp1","6.3.7-1","6.3.7-1~bpo12+1","6.4.1-1~exp1","6.4.11-1","6.4.13-1","6.4.4-1","6.4.4-1~bpo12+1","6.4.4-2","6.4.4-3","6.4.4-3~bpo12+1","6.4~rc6-1~exp1","6.4~rc7-1~exp1","6.5.1-1~exp1","6.5.10-1","6.5.10-1~bpo12+1","6.5.13-1","6.5.3-1","6.5.3-1~bpo12+1","6.5.6-1","6.5.8-1","6.5~rc4-1~exp1","6.5~rc6-1~exp1","6.5~rc7-1~exp1","6.6.11-1","6.6.13-1","6.6.13-1~bpo12+1","6.6.15-1","6.6.15-2","6.6.3-1~exp1","6.6.4-1~exp1","6.6.7-1~exp1","6.6.8-1","6.6.9-1","6.7-1~exp1","6.7.1-1~exp1","6.7.12-1","6.7.12-1~bpo12+1","6.7.4-1~exp1","6.7.7-1","6.7.9-1","6.7.9-2","6.8.11-1","6.8.12-1","6.8.12-1~bpo12+1","6.8.9-1","6.9.10-1","6.9.10-1~bpo12+1","6.9.11-1","6.9.12-1","6.9.2-1~exp1","6.9.7-1","6.9.7-1~bpo12+1","6.9.8-1","6.9.9-1"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26929.json"}},{"package":{"name":"linux","ecosystem":"Debian:12","purl":"pkg:deb/debian/linux?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.85-1"}]}],"versions":["6.1.27-1","6.1.37-1","6.1.38-1","6.1.38-2","6.1.38-2~bpo11+1","6.1.38-3","6.1.38-4","6.1.38-4~bpo11+1","6.1.52-1","6.1.55-1","6.1.55-1~bpo11+1","6.1.64-1","6.1.66-1","6.1.67-1","6.1.69-1","6.1.69-1~bpo11+1","6.1.76-1","6.1.76-1~bpo11+1","6.1.82-1"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26929.json"}},{"package":{"name":"linux","ecosystem":"Debian:13","purl":"pkg:deb/debian/linux?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.7.12-1"}]}],"versions":["6.1.106-1","6.1.106-2","6.1.106-3","6.1.27-1","6.1.37-1","6.1.38-1","6.1.38-2","6.1.38-2~bpo11+1","6.1.38-3","6.1.38-4","6.1.38-4~bpo11+1","6.1.52-1","6.1.55-1","6.1.55-1~bpo11+1","6.1.64-1","6.1.66-1","6.1.67-1","6.1.69-1","6.1.69-1~bpo11+1","6.1.76-1","6.1.76-1~bpo11+1","6.1.82-1","6.1.85-1","6.1.90-1","6.1.90-1~bpo11+1","6.1.94-1","6.1.94-1~bpo11+1","6.1.98-1","6.1.99-1","6.3.1-1~exp1","6.3.11-1","6.3.2-1~exp1","6.3.4-1~exp1","6.3.5-1~exp1","6.3.7-1","6.3.7-1~bpo12+1","6.4.1-1~exp1","6.4.11-1","6.4.13-1","6.4.4-1","6.4.4-1~bpo12+1","6.4.4-2","6.4.4-3","6.4.4-3~bpo12+1","6.4~rc6-1~exp1","6.4~rc7-1~exp1","6.5.1-1~exp1","6.5.10-1","6.5.10-1~bpo12+1","6.5.13-1","6.5.3-1","6.5.3-1~bpo12+1","6.5.6-1","6.5.8-1","6.5~rc4-1~exp1","6.5~rc6-1~exp1","6.5~rc7-1~exp1","6.6.11-1","6.6.13-1","6.6.13-1~bpo12+1","6.6.15-1","6.6.15-2","6.6.3-1~exp1","6.6.4-1~exp1","6.6.7-1~exp1","6.6.8-1","6.6.9-1","6.7-1~exp1","6.7.1-1~exp1","6.7.12-1~bpo12+1","6.7.4-1~exp1","6.7.7-1","6.7.9-1","6.7.9-2"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26929.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}