In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
2019-12-25T04:15:12.393
2024-11-21T04:35:45.653
Modified
CVSSv3.1: 4.7 (MEDIUM)
AV:L/AC:M/Au:N/C:N/I:N/A:P
3.4
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | linux | linux_kernel | ≤ 5.4.6 | Yes |
| Operating System | debian | debian_linux | 8.0 | Yes |
| Operating System | canonical | ubuntu_linux | 14.04 | Yes |
| Operating System | canonical | ubuntu_linux | 16.04 | Yes |
| Operating System | canonical | ubuntu_linux | 18.04 | Yes |
| Operating System | canonical | ubuntu_linux | 19.10 | Yes |
| Application | netapp | active_iq_unified_manager | - | Yes |
| Application | netapp | cloud_backup | - | Yes |
| Application | netapp | data_availability_services | - | Yes |
| Application | netapp | e-series_santricity_os_controller | ≤ 11.70.1 | Yes |
| Application | netapp | hci_management_node | - | Yes |
| Application | netapp | solidfire | - | Yes |
| Application | netapp | steelstore_cloud_integrated_storage | - | Yes |
| Operating System | opensuse | leap | 15.1 | Yes |
| Operating System | netapp | a700s_firmware | - | Yes |
| Hardware | netapp | a700s | - | No |
| Operating System | netapp | h610s_firmware | - | Yes |
| Hardware | netapp | h610s | - | No |
| Operating System | netapp | 8300_firmware | - | Yes |
| Hardware | netapp | 8300 | - | No |
| Operating System | netapp | 8700_firmware | - | Yes |
| Hardware | netapp | 8700 | - | No |
| Operating System | netapp | a400_firmware | - | Yes |
| Hardware | netapp | a400 | - | No |