{"id":"CVE-2024-49852","summary":"scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()\n\nThe kref_put() function will call nport-\u003erelease if the refcount drops to\nzero.  The nport-\u003erelease release function is _efc_nport_free() which frees\n\"nport\".  But then we dereference \"nport\" on the next line which is a use\nafter free.  Re-order these lines to avoid the use after free.","modified":"2026-03-20T12:38:07.715085Z","published":"2024-10-21T12:18:45.418Z","related":["MGASA-2024-0344","MGASA-2024-0345","SUSE-SU-2024:3984-1","SUSE-SU-2024:4314-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49852.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/16a570f07d870a285b0c0b0d1ca4dff79e8aa5ff"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2e4b02fad094976763af08fec2c620f4f8edd9ae"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7c2908985e4ae0ea1b526b3916de9e5351650908"},{"type":"WEB","url":"https://git.kernel.org/stable/c/98752fcd076a8cbc978016eae7125b4971be1eec"},{"type":"WEB","url":"https://git.kernel.org/stable/c/abc71e89170ed32ecf0a5a29f31aa711e143e941"},{"type":"WEB","url":"https://git.kernel.org/stable/c/baeb8628ab7f4577740f00e439d3fdf7c876b0ff"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/49xxx/CVE-2024-49852.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49852"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"fcd427303eb90aa3cb08e7e0b68e0e67a6d47346"},{"fixed":"16a570f07d870a285b0c0b0d1ca4dff79e8aa5ff"},{"fixed":"abc71e89170ed32ecf0a5a29f31aa711e143e941"},{"fixed":"baeb8628ab7f4577740f00e439d3fdf7c876b0ff"},{"fixed":"7c2908985e4ae0ea1b526b3916de9e5351650908"},{"fixed":"98752fcd076a8cbc978016eae7125b4971be1eec"},{"fixed":"2e4b02fad094976763af08fec2c620f4f8edd9ae"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-49852.json"}}],"schema_version":"1.7.5"}