CVE-2024-50183
4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance
Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforehand opens kref imbalance race conditions. Fix by forcing the DA_ID to complete synchronously with usage of wait_queue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8ed190a91950564775cbaae9e8e8083a69a8da23 < 0857b1c573c0b095aa778bb26d8b3378172471b6 | affected |
| Linux | Linux | 8ed190a91950564775cbaae9e8e8083a69a8da23 < 0ef6e016eb53fad6dc44c3253945efb43a3486b9 | affected |
| Linux | Linux | 8ed190a91950564775cbaae9e8e8083a69a8da23 < bbc525409bfe8e5bff12f5d18d550ab3e52cdbef | affected |
| Linux | Linux | 8ed190a91950564775cbaae9e8e8083a69a8da23 < 0a3c84f71680684c1d41abb92db05f95c09111e8 | affected |
| Linux | Linux | 5.17 | affected |
| Linux | Linux | 0 < 5.17 | unaffected |
| Linux | Linux | 6.1.113 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.57 <= 6.6.* | unaffected |
| Linux | Linux | 6.11.4 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/0857b1c573c0b095aa778bb26d8b3378172471b6
- https://git.kernel.org/stable/c/0ef6e016eb53fad6dc44c3253945efb43a3486b9
- https://git.kernel.org/stable/c/bbc525409bfe8e5bff12f5d18d550ab3e52cdbef
- https://git.kernel.org/stable/c/0a3c84f71680684c1d41abb92db05f95c09111e8
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.