Description

In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() The kref_put() function will call nport->release if the refcount drops to zero. The nport->release release function is _efc_nport_free() which frees "nport". But then we dereference "nport" on the next line which is a use after free. Re-order these lines to avoid the use after free.

INFO

Published Date :

2024-10-21T12:18:45.418Z

Last Modified :

2025-11-03T22:22:19.683Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-49852 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-49852.

URL Resource
https://git.kernel.org/stable/c/16a570f07d870a285b0c0b0d1ca4dff79e8aa5ff cve-icon cve-icon
https://git.kernel.org/stable/c/2e4b02fad094976763af08fec2c620f4f8edd9ae cve-icon cve-icon
https://git.kernel.org/stable/c/7c2908985e4ae0ea1b526b3916de9e5351650908 cve-icon cve-icon
https://git.kernel.org/stable/c/98752fcd076a8cbc978016eae7125b4971be1eec cve-icon cve-icon
https://git.kernel.org/stable/c/abc71e89170ed32ecf0a5a29f31aa711e143e941 cve-icon cve-icon
https://git.kernel.org/stable/c/baeb8628ab7f4577740f00e439d3fdf7c876b0ff cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024102152-CVE-2024-49852-875e@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-49852 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-49852 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact