Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-43414
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-08 May, 2026 | 14:21
Updated At-11 May, 2026 | 22:24
Rejected At-
▼CVE Numbering Authority (CNA)
scsi: qla2xxx: Completely fix fcport double free

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xx_els_dcmd_iocb() sp->free is set to qla2x00_els_dcmd_sp_free(). When an error happens, this function is called by qla2x00_sp_release(), when kref_put() releases the first and the last reference. qla2x00_els_dcmd_sp_free() frees fcport by calling qla2x00_free_fcport(). Doing it one more time after kref_put() is a bad idea.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/scsi/qla2xxx/qla_iocb.c
Default Status
unaffected
Versions
Affected
  • From 4895009c4bb72f71f2e682f1e7d2c2d96e482087 before d48ea85463f5b34f7b92ea0a13eddf1ab993da7b (git)
  • From 4895009c4bb72f71f2e682f1e7d2c2d96e482087 before c0b7da13a04bd70ef6070bfb9ea85f582294560a (git)
  • 7861213201838480dc222634c56fb6db113d010d (git)
  • 3b9d72442adfbc9ddb0f76dd1b03977b3a578b16 (git)
  • ef23850940d9a52c39936d27254824ccf5e9b6bd (git)
  • 6c6bf6cacf9461f8d301cfac4f9c175d80cbcc63 (git)
  • cd10dee1f07a782f5aa05703c55299ca86a85ee4 (git)
  • b03e626bd6d3f0684f56ee1890d70fc9ca991c04 (git)
  • 282877633b25d67021a34169c5b5519b1d4ef65e (git)
  • f85af9f1aa5e2f53694a6cbe72010f754b5ff862 (git)
  • 9b43d2884b54d415caab48878b526dfe2ae9921b (git)
  • 846fb9f112f618ec6ae181d8dae7961652574774 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/scsi/qla2xxx/qla_iocb.c
Default Status
affected
Versions
Affected
  • 6.9
Unaffected
  • From 0 before 6.9 (semver)
  • From 6.19.9 through 6.19.* (semver)
  • From 7.0 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/d48ea85463f5b34f7b92ea0a13eddf1ab993da7b
N/A
https://git.kernel.org/stable/c/c0b7da13a04bd70ef6070bfb9ea85f582294560a
N/A
Hyperlink: https://git.kernel.org/stable/c/d48ea85463f5b34f7b92ea0a13eddf1ab993da7b
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/c0b7da13a04bd70ef6070bfb9ea85f582294560a
Resource: N/A
Details not found