APPLIED: [SRU][N][PATCH 0/1] CVE-2024-53227

[Koichiro Den]

On Tue, Feb 11, 2025 at 03:57:09PM GMT, Bethany Jamison wrote:
> [Impact]
> 
> scsi: bfa: Fix use-after-free in bfad_im_module_exit()
> 
> There is a slab-use-after-free read of size 8 in __lock_acquire.
> This issue happens as follows:
> 
> bfad_init
>   error = bfad_im_module_init()
>     fc_release_transport(bfad_im_scsi_transport_template);
>   if (error)
>     goto ext;
> 
> ext:
>   bfad_im_module_exit();
>     fc_release_transport(bfad_im_scsi_transport_template);
>     --> Trigger double release
> 
> Don't call bfad_im_module_exit() if bfad_im_module_init() failed.
> 
> [Fix]
> 
> Oracular: pending (6.11.0-17.17)
> Noble:	  Clean cherry-pick from linux-6.11.y
> Jammy:	  pending
> Focal:	  pending
> Bionic:   fix sent to esm ML
> Xenial:	  fix sent to esm ML
> Trusty:	  won't fix as it is not critical
> 
> [Test Case]
> 
> Compile tested, lack hardware for further testing.
> 
> [Where problems could occur]
> 
> This fix affects those who use the QLogic BR-series Fibre Channel Host 
> Bus Adapter driver, an issue with this fix would be visible to the user
> via unexpected system behavior.
> 
> Ye Bin (1):
>   scsi: bfa: Fix use-after-free in bfad_im_module_exit()
> 
>  drivers/scsi/bfa/bfad.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 

Applied to noble:linux master-next branch. Thanks!