In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Fix use-after-free in lpfcunregrpi() routine
An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfcunregrpi+0x1b1b"
The NLPREGLOGINSEND nlpflag is set in lpfcregfabctrlnode(), but the flag is not cleared upon completion of the login.
This allows a second call to lpfcunregrpi() to proceed with nlprpi set to LPFCRPIALLOWERROR. This results in a use after free access when used as an rpi_ids array index.
Fix by clearing the NLPREGLOGINSEND nlpflag in lpfcmbxcmplfcreg_login().