This is a note to let you know that I've just added the patch titled scsi: qla2xxx: Fix double free of the ha->vp_map pointer to the 6.8-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: scsi-qla2xxx-fix-double-free-of-the-ha-vp_map-pointer.patch and it can be found in the queue-6.8 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From e288285d47784fdcf7c81be56df7d65c6f10c58b Mon Sep 17 00:00:00 2001 From: Saurav Kashyap <skashyap@xxxxxxxxxxx> Date: Tue, 27 Feb 2024 22:11:23 +0530 Subject: scsi: qla2xxx: Fix double free of the ha->vp_map pointer From: Saurav Kashyap <skashyap@xxxxxxxxxxx> commit e288285d47784fdcf7c81be56df7d65c6f10c58b upstream. Coverity scan reported potential risk of double free of the pointer ha->vp_map. ha->vp_map was freed in qla2x00_mem_alloc(), and again freed in function qla2x00_mem_free(ha). Assign NULL to vp_map and kfree take care of NULL. Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Saurav Kashyap <skashyap@xxxxxxxxxxx> Signed-off-by: Nilesh Javali <njavali@xxxxxxxxxxx> Link: https://lore.kernel.org/r/20240227164127.36465-8-njavali@xxxxxxxxxxx Reviewed-by: Himanshu Madhani <himanshu.madhani@xxxxxxxxxx> Signed-off-by: Martin K. Petersen <martin.petersen@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/scsi/qla2xxx/qla_os.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/scsi/qla2xxx/qla_os.c +++ b/drivers/scsi/qla2xxx/qla_os.c @@ -4602,6 +4602,7 @@ fail_free_init_cb: ha->init_cb_dma = 0; fail_free_vp_map: kfree(ha->vp_map); + ha->vp_map = NULL; fail: ql_log(ql_log_fatal, NULL, 0x0030, "Memory allocation failure.\n"); Patches currently in stable-queue which might be from skashyap@xxxxxxxxxxx are queue-6.8/scsi-qla2xxx-fix-double-free-of-the-ha-vp_map-pointer.patch queue-6.8/scsi-qla2xxx-fix-double-free-of-fcport.patch queue-6.8/scsi-qla2xxx-change-debug-message-during-driver-unload.patch