{"vulnerability": "CVE-2022-48823", "sightings": [{"uuid": "a5c4971a-9895-4ebe-bebf-21696a4da83c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48823", "type": "seen", "source": "https://t.me/cvedetector/939", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-48823 - QEDF Linux SCSI Driver Refcount Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-48823 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nscsi: qedf: Fix refcount issue when LOGO is received during TMF  \n  \nHung task call trace was seen during LOGO processing.  \n  \n[  974.309060] [0000:00:00.0]:[qedf_eh_device_reset:868]: 1:0:2:0: LUN RESET Issued...  \n[  974.309065] [0000:00:00.0]:[qedf_initiate_tmf:2422]: tm_flags 0x10 sc_cmd 00000000c16b930f op = 0x2a target_id = 0x2 lun=0  \n[  974.309178] [0000:00:00.0]:[qedf_initiate_tmf:2431]: portid=016900 tm_flags =LUN RESET  \n[  974.309222] [0000:00:00.0]:[qedf_initiate_tmf:2438]: orig io_req = 00000000ec78df8f xid = 0x180 ref_cnt = 1.  \n[  974.309625] host1: rport 016900: Received LOGO request while in state Ready  \n[  974.309627] host1: rport 016900: Delete port  \n[  974.309642] host1: rport 016900: work event 3  \n[  974.309644] host1: rport 016900: lld callback ev 3  \n[  974.313243] [0000:61:00.2]:[qedf_execute_tmf:2383]:1: fcport is uploading, not executing flush.  \n[  974.313295] [0000:61:00.2]:[qedf_execute_tmf:2400]:1: task mgmt command success...  \n[  984.031088] INFO: task jbd2/dm-15-8:7645 blocked for more than 120 seconds.  \n[  984.031136]       Not tainted 4.18.0-305.el8.x86_64 #1  \n  \n[  984.031166] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.  \n[  984.031209] jbd2/dm-15-8    D    0  7645      2 0x80004080  \n[  984.031212] Call Trace:  \n[  984.031222]  __schedule+0x2c4/0x700  \n[  984.031230]  ? unfreeze_partials.isra.83+0x16e/0x1a0  \n[  984.031233]  ? bit_wait_timeout+0x90/0x90  \n[  984.031235]  schedule+0x38/0xa0  \n[  984.031238]  io_schedule+0x12/0x40  \n[  984.031240]  bit_wait_io+0xd/0x50  \n[  984.031243]  __wait_on_bit+0x6c/0x80  \n[  984.031248]  ? free_buffer_head+0x21/0x50  \n[  984.031251]  out_of_line_wait_on_bit+0x91/0xb0  \n[  984.031257]  ? init_wait_var_entry+0x50/0x50  \n[  984.031268]  jbd2_journal_commit_transaction+0x112e/0x19f0 [jbd2]  \n[  984.031280]  kjournald2+0xbd/0x270 [jbd2]  \n[  984.031284]  ? finish_wait+0x80/0x80  \n[  984.031291]  ? commit_timeout+0x10/0x10 [jbd2]  \n[  984.031294]  kthread+0x116/0x130  \n[  984.031300]  ? kthread_flush_work_fn+0x10/0x10  \n[  984.031305]  ret_from_fork+0x1f/0x40  \n  \nThere was a ref count issue when LOGO is received during TMF. This leads to  \none of the I/Os hanging with the driver. Fix the ref count. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:22.000000Z"}]}