Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and run the bnx2fc driver with the hardware enabled. [ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_ [ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G B [ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013 [ 1391.699183] Call Trace: [ 1391.699188] dump_stack_lvl+0x57/0x7d [ 1391.699198] check_preemption_disabled+0xc8/0xd0 [ 1391.699205] bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699215] ? do_raw_spin_trylock+0xb5/0x180 [ 1391.699221] ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc] [ 1391.699229] ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc] [ 1391.699240] bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc] [ 1391.699250] ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc] [ 1391.699258] kthread+0x364/0x420 [ 1391.699263] ? _raw_spin_unlock_irq+0x24/0x50 [ 1391.699268] ? set_kthread_struct+0x100/0x100 [ 1391.699273] ret_from_fork+0x22/0x30 Restore the old get_cpu/put_cpu code with some modifications to reduce the size of the critical section.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.16.1, < 4.9.300 |
References
- https://git.kernel.org/stable/c/003bcee66a8f0e76157eb3af369c173151901d97Patch
- https://git.kernel.org/stable/c/2d24336c7214b281b51860e54783dfc65f1248dfPatch
- https://git.kernel.org/stable/c/2f5a1ac68bdf2899ce822ab845081922ea8c588ePatch
- https://git.kernel.org/stable/c/3a345198a7c2d1db2526dc60b77052f75de019d3Patch
- https://git.kernel.org/stable/c/471085571f926a1fe6b1bed095638994dbf23990Patch
- https://git.kernel.org/stable/c/53e4f71763c61a557283eb43301efd671922d1e8Patch
- https://git.kernel.org/stable/c/936bd03405fc83ba039d42bc93ffd4b88418f1d3Patch
- https://git.kernel.org/stable/c/ec4334152dae175dbd8fd5bde1d2139bbe7b42d0Patch
- https://git.kernel.org/stable/c/003bcee66a8f0e76157eb3af369c173151901d97Patch
- https://git.kernel.org/stable/c/2d24336c7214b281b51860e54783dfc65f1248dfPatch
- https://git.kernel.org/stable/c/2f5a1ac68bdf2899ce822ab845081922ea8c588ePatch
- https://git.kernel.org/stable/c/3a345198a7c2d1db2526dc60b77052f75de019d3Patch
- https://git.kernel.org/stable/c/471085571f926a1fe6b1bed095638994dbf23990Patch
- https://git.kernel.org/stable/c/53e4f71763c61a557283eb43301efd671922d1e8Patch
- https://git.kernel.org/stable/c/936bd03405fc83ba039d42bc93ffd4b88418f1d3Patch
FAQ
What is CVE-2022-48715?
CVE-2022-48715 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the p...
How severe is CVE-2022-48715?
CVE-2022-48715 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48715?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.