CVE-2024-24855

CVSS v3.1 4.7 (Medium)

EPSS 0.04 % (10^th)

Affected Products 1

Advisories 19

A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: OpenAnolis
Published Date: 2024-02-05 08:15:44
(7 months ago)
Updated Date: 2024-02-10 04:06:40
(7 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel 2.6.33.20 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 2.6.33.20
Linux Kernel from 6.0 version and 6.4.16 and prior versions	cpe:2.3:o:linux:linux_kernel	>= 6.0	<= 6.4.16
Linux Kernel 2.6.34 Rc1	cpe:2.3:o:linux:linux_kernel:2.6.34:rc1
Linux Kernel 6.5 Rc1	cpe:2.3:o:linux:linux_kernel:6.5:rc1