CVE-2022-50744

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs

During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur.

The spin_lock_bh in lpfc_rx_monitor_report is not protecting from timer interrupts as expected, so change the strength of the spin lock to _irq.

Kernel panic - not syncing: Hard LOCKUP CPU: 3 PID: 110402 Comm: cat Kdump: loaded

exception RIP: native_queued_spin_lock_slowpath+91

[IRQ stack] native_queued_spin_lock_slowpath at ffffffffb814e30b _raw_spin_lock at ffffffffb89a667a lpfc_rx_monitor_record at ffffffffc0a73a36 [lpfc] lpfc_cmf_timer at ffffffffc0abbc67 [lpfc] __hrtimer_run_queues at ffffffffb8184250 hrtimer_interrupt at ffffffffb8184ab0 smp_apic_timer_interrupt at ffffffffb8a026ba apic_timer_interrupt at ffffffffb8a01c4f [End of IRQ stack]

apic_timer_interrupt at ffffffffb8a01c4f lpfc_rx_monitor_report at ffffffffc0a73c80 [lpfc] lpfc_rx_monitor_read at ffffffffc0addde1 [lpfc] full_proxy_read at ffffffffb83e7fc3 vfs_read at ffffffffb833fe71 ksys_read at ffffffffb83402af do_syscall_64 at ffffffffb800430b entry_SYSCALL_64_after_hwframe at ffffffffb8a000ad

Affected Software

VendorProductVersion RangeStatus
LinuxLinux21d65b35169112af9b6f873c8eeab972e60107c2 < 2cf66428a2545bb33beb9624124a2377468bb478affected
LinuxLinux2c9b5b8326b953f2f48338a7c889e6af457d146f < cd542900ee5147028bbe603b238efcab8d720838affected
LinuxLinuxbd269188ea94e40ab002cad7b0df8f12b8f0de54 < 39761417ea7b654217d6d9085afbf7c87ba3675daffected
LinuxLinuxbd269188ea94e40ab002cad7b0df8f12b8f0de54 < c44e50f4a0ec00c2298f31f91bc2c3e9bbd81c7eaffected
LinuxLinux147d397e08a406f5997f8a1c7f747fe546bf8395affected
LinuxLinux5.15.78 < 5.15.86affected
LinuxLinux6.0.3 < 6.0.16affected
LinuxLinux5.19.17 < 5.20affected
LinuxLinux6.1affected
LinuxLinux0 < 6.1unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References