CVE-2024-53227— scsi: bfa: Fix use-after-free in bfad_im_module_exit()

EPSS 0.01% · P2 Updated May 13, 2026

Affected Version Matrix 20

Vendor	Product	Version Range	Status
Linux	Linux	`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< 0ceac8012d3ddea3317f0d82934293d05feb8af1`	affected
		`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< 3932c753f805a02e9364a4c58b590f21901f8490`	affected
		`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< ef2c2580189ea88a0dcaf56eb3a565763a900edb`	affected
		`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< e76181a5be90abcc3ed8a300bd13878aa214d022`	affected
		`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< 8f5a97443b547b4c83f876f1d6a11df0f1fd4efb`	affected
		`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< c28409f851abd93b37969cac7498828ad533afd9`	affected
		`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< 1ffdde30a90bf8efe8f270407f486706962b3292`	affected
		`7725ccfda59715ecf8f99e3b520a0b84cc2ea79e< a2b5035ab0e368e8d8a371e27fbc72f133c0bd40`	affected
… +12 more rows

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-53227

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

scsi: bfa: Fix use-after-free in bfad_im_module_exit()

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfad_im_module_exit() BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: <TASK> dump_stack_lvl+0x95/0xe0 print_report+0xcb/0x620 kasan_report+0xbd/0xf0 __lock_acquire+0x2aca/0x3a20 lock_acquire+0x19b/0x520 _raw_spin_lock+0x2b/0x40 attribute_container_unregister+0x30/0x160 fc_release_transport+0x19/0x90 [scsi_transport_fc] bfad_im_module_exit+0x23/0x60 [bfa] bfad_init+0xdb/0xff0 [bfa] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> Allocated by task 25303: kasan_save_stack+0x24/0x50 kasan_save_track+0x14/0x30 __kasan_kmalloc+0x7f/0x90 fc_attach_transport+0x4f/0x4740 [scsi_transport_fc] bfad_im_module_init+0x17/0x80 [bfa] bfad_init+0x23/0xff0 [bfa] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 25303: kasan_save_stack+0x24/0x50 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3b/0x60 __kasan_slab_free+0x38/0x50 kfree+0x212/0x480 bfad_im_module_init+0x7e/0x80 [bfa] bfad_init+0x23/0xff0 [bfa] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Above issue happens as follows: bfad_init error = bfad_im_module_init() fc_release_transport(bfad_im_scsi_transport_template); if (error) goto ext; ext: bfad_im_module_exit(); fc_release_transport(bfad_im_scsi_transport_template); --> Trigger double release Don't call bfad_im_module_exit() if bfad_im_module_init() failed.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于scsi:bfa模块中bfad_im_module_exit函数中的释放后重用。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	7725ccfda59715ecf8f99e3b520a0b84cc2ea79e ~ 0ceac8012d3ddea3317f0d82934293d05feb8af1	-
Linux	Linux	2.6.32	-

II. Public POCs for CVE-2024-53227

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-53227

请登录查看更多情报信息。

Same Patch Batch · Linux · 2024-12-27 · 221 CVEs total

CVE-2024-56607		wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask()
CVE-2024-56594		drm/amdgpu: set the right AMDGPU sg segment limitation
CVE-2024-56595		jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree
CVE-2024-56596		jfs: fix array-index-out-of-bounds in jfs_readdir
CVE-2024-56597		jfs: fix shift-out-of-bounds in dbSplit
CVE-2024-56598		jfs: array-index-out-of-bounds fix in dtReadFirst
CVE-2024-56599		wifi: ath10k: avoid NULL pointer error during sdio remove
CVE-2024-56601		net: inet: do not leave a dangling sk pointer in inet_create()
CVE-2024-56600		net: inet6: do not leave a dangling sk pointer in inet6_create()
CVE-2024-56602		net: ieee802154: do not leave a dangling sk pointer in ieee802154_create()
CVE-2024-56603		net: af_can: do not leave a dangling sk pointer in can_create()
CVE-2024-56604		Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()
CVE-2024-56605		Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()
CVE-2024-56606		af_packet: avoid erroring out after sock_init_data() in packet_create()
CVE-2024-56618		pmdomain: imx: gpcv2: Adjust delay after power up handshake
CVE-2024-56615		bpf: fix OOB devmap writes when deleting elements
CVE-2024-56616		drm/dp_mst: Fix MST sideband message body length check
CVE-2024-56617		cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU
CVE-2024-56614		xsk: fix OOB map writes when deleting elements
CVE-2024-56619		nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()

Showing top 20 of 221 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2024-53227

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-53227— scsi: bfa: Fix use-after-free in bfad_im_module_exit()

Affected Version Matrix 20

I. Basic Information for CVE-2024-53227

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-53227

III. Intelligence Information for CVE-2024-53227

Same Patch Batch · Linux · 2024-12-27 · 221 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-53227

Leave a comment