5.5
CVE-2022-48715
- EPSS 0.02%
- Published 20.06.2024 11:15:55
- Last modified 01.10.2025 13:43:40
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and run the bnx2fc driver with the hardware enabled. [ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_ [ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G B [ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013 [ 1391.699183] Call Trace: [ 1391.699188] dump_stack_lvl+0x57/0x7d [ 1391.699198] check_preemption_disabled+0xc8/0xd0 [ 1391.699205] bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699215] ? do_raw_spin_trylock+0xb5/0x180 [ 1391.699221] ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc] [ 1391.699229] ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc] [ 1391.699240] bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc] [ 1391.699250] ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc] [ 1391.699258] kthread+0x364/0x420 [ 1391.699263] ? _raw_spin_unlock_irq+0x24/0x50 [ 1391.699268] ? set_kthread_struct+0x100/0x100 [ 1391.699273] ret_from_fork+0x22/0x30 Restore the old get_cpu/put_cpu code with some modifications to reduce the size of the critical section.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.16.1 < 4.9.300
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.265
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.228
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.178
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.99
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.22
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.8
Linux ≫ Linux Kernel Version3.16 Update-
Linux ≫ Linux Kernel Version3.16 Updaterc4
Linux ≫ Linux Kernel Version3.16 Updaterc5
Linux ≫ Linux Kernel Version3.16 Updaterc6
Linux ≫ Linux Kernel Version3.16 Updaterc7
Linux ≫ Linux Kernel Version5.17 Updaterc1
Linux ≫ Linux Kernel Version5.17 Updaterc2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.02% | 0.02 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|