Home

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work with qedi_recovery_handler() and &qedi->board_disable_work with qedi_board_disable_work(). When qedi_schedule_recovery_handler() is called, schedule_delayed_work() will finally start the work. In qedi_remove(), which is called to remove the driver, the following sequence may be observed: Fix this by finishing the work before cleanup in qedi_remove(). CPU0 CPU1 |qedi_recovery_handler qedi_remove | __qedi_remove | iscsi_host_free | scsi_host_put | //free shost | |iscsi_host_for_each_session |//use qedi->shost Cancel recovery_work and board_disable_work in __qedi_remove().

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status
unaffected

4b1068f5d74b6cc92319bd7eba40809b1222e73f (git) before fa19c533ab19161298f0780bcc6523af88f6fd20
affected

4b1068f5d74b6cc92319bd7eba40809b1222e73f (git) before 5e756a59cee6a8a79b9059c5bdf0ecbf5bb8d151
affected

4b1068f5d74b6cc92319bd7eba40809b1222e73f (git) before 3738a230831e861503119ee2691c4a7dc56ed60a
affected

4b1068f5d74b6cc92319bd7eba40809b1222e73f (git) before 89f6023fc321c958a0fb11f143a6eb4544ae3940
affected

4b1068f5d74b6cc92319bd7eba40809b1222e73f (git) before 124027cd1a624ce0347adcd59241a9966a726b22
affected

4b1068f5d74b6cc92319bd7eba40809b1222e73f (git) before c5749639f2d0a1f6cbe187d05f70c2e7c544d748
affected

Default status
affected

5.7
affected

Any version before 5.7
unaffected

5.10.180 (semver)
unaffected

5.15.112 (semver)
unaffected

6.1.29 (semver)
unaffected

6.2.16 (semver)
unaffected

6.3.3 (semver)
unaffected

6.4 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/fa19c533ab19161298f0780bcc6523af88f6fd20

git.kernel.org/...c/5e756a59cee6a8a79b9059c5bdf0ecbf5bb8d151

git.kernel.org/...c/3738a230831e861503119ee2691c4a7dc56ed60a

git.kernel.org/...c/89f6023fc321c958a0fb11f143a6eb4544ae3940

git.kernel.org/...c/124027cd1a624ce0347adcd59241a9966a726b22

git.kernel.org/...c/c5749639f2d0a1f6cbe187d05f70c2e7c544d748

cve.org (CVE-2023-54100)

nvd.nist.gov (CVE-2023-54100)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.