CVE-2024-26935

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a bug in the Linux kernel's SCSI core, where a procfs host directory is not properly removed, leading to a potential leak of the SCSI host proc structure. This bug is triggered when a SCSI host structure is allocated but the call to scsi add host() doesn't happen, which can occur in some error paths. The proper fix involves calling scsi proc hostdir rm() on dev release(), but guarding it with a state check for SHOST CREATED.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.