
CVE-2024-35930: Vulnerability in the Linux kernel

Severity: Medium
Tags: Vulnerability, CVE-2024-35930, cve
Published: Sun May 19 2024 (05/19/2024, 10:10:39 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() The call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an unsuccessful status. In such cases, the elsiocb is not issued, the completion is not called, and thus the elsiocb resource is leaked. Check return value after calling lpfc_sli4_resume_rpi() and conditionally release the elsiocb resource.

AI-Powered Analysis

AI analysis last updated: 07/04/2025, 05:56:45 UTC

Technical Analysis

CVE-2024-35930 is a vulnerability in the Linux kernel's SCSI subsystem, specifically in the lpfc (Emulex LightPulse Fibre Channel) host bus adapter driver. The flaw is in lpfc_rcv_padisc(), the handler for incoming ELS PDISC/ADISC (port discovery / address discovery) requests from a remote port. The handler prepares an ELS response IOCB (elsiocb) and, on the SLI-4 path, calls lpfc_sli4_resume_rpi() to resume the remote port indicator (RPI) before the response goes out. lpfc_sli4_resume_rpi() can fail, but its return value was not checked: on failure the elsiocb is never issued, its completion handler (which is what normally releases it) never runs, and the elsiocb is leaked. Each failed resume therefore leaks one IOCB, and the leak accumulates for as long as the driver stays loaded, eventually degrading performance or exhausting the driver's resource pool, which is a denial-of-service condition for the host's Fibre Channel storage path. The fix checks the return value of lpfc_sli4_resume_rpi() and releases the elsiocb on the error path. The CVE record identifies the affected code by commit hash 6b5151fd7baec6812fece993ddd7a2cf9fd0125f; any kernel carrying that code path without the fix, including distribution kernels that have not yet backported it, should be treated as affected. No exploits are known in the wild as of the publication date. No CVSS score has been assigned, but the entry is published by the Linux kernel CNA and enriched by CISA. The bug is a resource leak on an error path, not a memory-corruption, code-execution or privilege-escalation flaw.
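The following is an added illustration of the bug class, not code from the lpfc driver or from the kernel fix. It is a self-contained C model in which an IOCB is allocated per received PDISC/ADISC and is only released by its completion handler; the "before" handler drops the status of the resume step and leaks on failure, the "after" handler checks it and frees the IOCB on the error path. The names els_iocb_alloc, resume_rpi_and_issue, rcv_padisc_leaky, rcv_padisc_fixed and the live_iocbs counter are hypothetical stand-ins; the real lpfc routines have different signatures and do considerably more.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of the lpfc bug class, not driver code: an ELS IOCB is
 * allocated per received PDISC/ADISC and is normally released by its
 * completion handler once it has been issued. */
struct els_iocb {
    char cmd[8];
    void (*cmpl)(struct els_iocb *);
};

/* Outstanding IOCB allocations; anything left above zero after the error
 * path has run is the leak. */
static int live_iocbs;

static void els_iocb_free(struct els_iocb *iocb)
{
    if (!iocb)
        return;
    live_iocbs--;
    free(iocb);
}

/* Completion handler: the only place an issued IOCB is released. */
static void els_iocb_cmpl(struct els_iocb *iocb)
{
    els_iocb_free(iocb);
}

static struct els_iocb *els_iocb_alloc(const char *cmd)
{
    struct els_iocb *iocb = calloc(1, sizeof(*iocb));
    if (!iocb)
        return NULL;
    strncpy(iocb->cmd, cmd, sizeof(iocb->cmd) - 1);
    iocb->cmpl = els_iocb_cmpl;
    live_iocbs++;
    return iocb;
}

/* Stand-in for lpfc_sli4_resume_rpi(): on success the IOCB is handed off,
 * issued and completed (so it frees itself); on failure (e.g. the resume
 * request could not be allocated) nothing is issued and -1 is returned. */
static int resume_rpi_and_issue(struct els_iocb *iocb, int fail)
{
    if (fail)
        return -1;
    iocb->cmpl(iocb);
    return 0;
}

/* 'Before': the status is dropped. When resume fails the IOCB was never
 * issued, its completion never runs, and the allocation is lost. */
static int rcv_padisc_leaky(int resume_fails)
{
    struct els_iocb *acc = els_iocb_alloc("ACC");
    if (!acc)
        return -1;
    resume_rpi_and_issue(acc, resume_fails);
    return 0;
}

/* 'After': check the status and release the IOCB on the error path, which
 * is the shape of the CVE-2024-35930 fix for the real elsiocb. */
static int rcv_padisc_fixed(int resume_fails)
{
    struct els_iocb *acc = els_iocb_alloc("ACC");
    if (!acc)
        return -1;
    if (resume_rpi_and_issue(acc, resume_fails) != 0) {
        els_iocb_free(acc);
        return -1;
    }
    return 0;
}

/* Drive a handler through `iterations` received PDISC/ADISC requests with
 * the resume step forced to succeed or fail, and report how many IOCBs
 * remain unreleased. */
static int leaked_after(int (*handler)(int), int iterations, int resume_fails)
{
    live_iocbs = 0;
    for (int i = 0; i < iterations; i++)
        handler(resume_fails);
    return live_iocbs;
}

int main(void)
{
    printf("leaky handler, 1000 failing resumes: %d IOCBs outstanding\n",
           leaked_after(rcv_padisc_leaky, 1000, 1));
    printf("fixed handler, 1000 failing resumes: %d IOCBs outstanding\n",
           leaked_after(rcv_padisc_fixed, 1000, 1));
    return 0;
}
```

The point the model makes is that the leak is per failed resume, not per received request: with a healthy adapter both handlers leave nothing outstanding, and the difference only appears once lpfc_sli4_resume_rpi() starts failing, which is why the leak can go unnoticed until a host is already under resource pressure.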

Potential Impact

For European organizations, the impact of CVE-2024-35930 is primarily to system stability and availability. Hosts running Linux with Fibre Channel storage attached through the lpfc driver leak one elsiocb each time lpfc_sli4_resume_rpi() fails while a PDISC/ADISC request is being handled, so the rate of the leak depends on how often that error path is hit rather than on overall Fibre Channel traffic volume. Over a long uptime the leaked resources accumulate and can cause slowdowns, storage path failures, crashes or forced reboots, disrupting operations in data centres and enterprises that depend on high-availability SAN storage. The vulnerability does not expose confidentiality or integrity, but the availability impact can be significant, particularly in finance, telecommunications, healthcare and manufacturing, where Linux-based storage servers are common. The absence of known exploits reduces immediate risk, but unpatched systems remain exposed to accidental denial of service and to any future technique that reliably drives the failing path. The impact is more pronounced in large deployments with many lpfc-attached hosts and long maintenance intervals.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernel to a version that includes the fix for CVE-2024-35930, i.e. a kernel in which lpfc_rcv_padisc() checks the return value of lpfc_sli4_resume_rpi(); for distribution kernels this means the vendor release that backports the patch. System administrators should first audit their estate to identify hosts that have the lpfc module loaded (for example via lsmod or the presence of /sys/module/lpfc) and that have Fibre Channel storage attached, since only those hosts are exposed. Monitoring should track kernel memory and slab usage on those hosts so that steady growth attributable to the driver is detected early. Where immediate patching is not feasible, a reboot during a maintenance window clears the leaked resources, and temporarily limiting Fibre Channel connectivity is an option only where the storage path is not business-critical. Organizations should also keep incident response plans ready for availability incidents on storage hosts and work with their Linux distribution vendors for timely patch releases and guidance.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2024-05-17T13:50:33.129Z
CISA Enriched: true
CVSS Version: null
State: PUBLISHED

Threat ID: 682cd0fa1484d88663aebfe9

Added to database: 5/20/2025, 6:59:06 PM

Last enriched: 7/4/2025, 5:56:45 AM

Last updated: 7/29/2025, 8:08:47 AM

