5.5

CVE-2022-48715

EPSS 0.02%
Veröffentlicht 20.06.2024 11:15:55
Zuletzt bearbeitet 01.10.2025 13:43:40
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe

Running tests with a debug kernel shows that bnx2fc_recv_frame() is
modifying the per_cpu lport stats counters in a non-mpsafe way.  Just boot
a debug kernel and run the bnx2fc driver with the hardware enabled.

[ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_
[ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]
[ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G    B
[ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013
[ 1391.699183] Call Trace:
[ 1391.699188]  dump_stack_lvl+0x57/0x7d
[ 1391.699198]  check_preemption_disabled+0xc8/0xd0
[ 1391.699205]  bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]
[ 1391.699215]  ? do_raw_spin_trylock+0xb5/0x180
[ 1391.699221]  ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc]
[ 1391.699229]  ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc]
[ 1391.699240]  bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc]
[ 1391.699250]  ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc]
[ 1391.699258]  kthread+0x364/0x420
[ 1391.699263]  ? _raw_spin_unlock_irq+0x24/0x50
[ 1391.699268]  ? set_kthread_struct+0x100/0x100
[ 1391.699273]  ret_from_fork+0x22/0x30

Restore the old get_cpu/put_cpu code with some modifications to reduce the
size of the critical section.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 3.16.1 < 4.9.300

Linux ≫ Linux Kernel Version >= 4.10 < 4.14.265

Linux ≫ Linux Kernel Version >= 4.15 < 4.19.228

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.178

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.99

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.22

Linux ≫ Linux Kernel Version >= 5.16 < 5.16.8

Linux ≫ Linux Kernel Version3.16 Update-

Linux ≫ Linux Kernel Version3.16 Updaterc4

Linux ≫ Linux Kernel Version3.16 Updaterc5

Linux ≫ Linux Kernel Version3.16 Updaterc6

Linux ≫ Linux Kernel Version3.16 Updaterc7

Linux ≫ Linux Kernel Version5.17 Updaterc1

Linux ≫ Linux Kernel Version5.17 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.02

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

https://git.kernel.org/stable/c/003bcee66a8f0e76157eb3af369c173151901d97

Patch

https://git.kernel.org/stable/c/2d24336c7214b281b51860e54783dfc65f1248df

Patch

https://git.kernel.org/stable/c/2f5a1ac68bdf2899ce822ab845081922ea8c588e

Patch

https://git.kernel.org/stable/c/3a345198a7c2d1db2526dc60b77052f75de019d3

Patch

https://git.kernel.org/stable/c/471085571f926a1fe6b1bed095638994dbf23990

Patch

https://git.kernel.org/stable/c/53e4f71763c61a557283eb43301efd671922d1e8

Patch

https://git.kernel.org/stable/c/936bd03405fc83ba039d42bc93ffd4b88418f1d3

Patch

https://git.kernel.org/stable/c/ec4334152dae175dbd8fd5bde1d2139bbe7b42d0

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-48715

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-48715

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-48715

EUVD