fkie_cve-2023-53245
Vulnerability from fkie_nvd
Published
2025-09-15 15:15
Modified
2025-09-15 15:22
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them in a guest VM as a SCSI device. I/O to the vFC device is handled by the storvsc driver. The storvsc driver includes a partial integration with the FC transport implemented in the generic portion of the Linux SCSI subsystem so that FC attributes can be displayed in /sys. However, the partial integration means that some aspects of vFC don't work properly. Unfortunately, a full and correct integration isn't practical because of limitations in what Hyper-V provides to the guest. In particular, in the context of Hyper-V storvsc, the FC transport timeout function fc_eh_timed_out() causes a kernel panic because it can't find the rport and dereferences a NULL pointer. The original patch that added the call from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this regard. In many cases a timeout is due to a transient condition, so the situation can be improved by just continuing to wait like with other I/O requests issued by storvsc, and avoiding the guaranteed panic. For a permanent failure, continuing to wait may result in a hung thread instead of a panic, which again may be better. So fix the panic by removing the storvsc call to fc_eh_timed_out(). This allows storvsc to keep waiting for a response. The change has been tested by users who experienced a panic in fc_eh_timed_out() due to transient timeouts, and it solves their problem. In the future we may want to deprecate the vFC functionality in storvsc since it can't be fully fixed. But it has current users for whom it is working well enough, so it should probably stay for a while longer.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/048ebc9a28fb918ee635dd4b2fcf4248eb6e4050
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1678408d08f31a694d5150a56796dd04c9710b22
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/175544ad48cbf56affeef2a679c6a4d4fb1e2881
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/311db605e07f0d4fc0cc7ddb74f1e5692ea2f469
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/763c06565055ae373fe7f89c11e1447bd1ded264
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/cd87f4df9865a53807001ed12c0f0420b14ececd
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ed70fa5629a8b992a5372d7044d1db1f8fa6de29
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Fix handling of virtual Fibre Channel timeouts\n\nHyper-V provides the ability to connect Fibre Channel LUNs to the host\nsystem and present them in a guest VM as a SCSI device. I/O to the vFC\ndevice is handled by the storvsc driver. The storvsc driver includes a\npartial integration with the FC transport implemented in the generic\nportion of the Linux SCSI subsystem so that FC attributes can be displayed\nin /sys.  However, the partial integration means that some aspects of vFC\ndon\u0027t work properly. Unfortunately, a full and correct integration isn\u0027t\npractical because of limitations in what Hyper-V provides to the guest.\n\nIn particular, in the context of Hyper-V storvsc, the FC transport timeout\nfunction fc_eh_timed_out() causes a kernel panic because it can\u0027t find the\nrport and dereferences a NULL pointer. The original patch that added the\ncall from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this\nregard.\n\nIn many cases a timeout is due to a transient condition, so the situation\ncan be improved by just continuing to wait like with other I/O requests\nissued by storvsc, and avoiding the guaranteed panic. For a permanent\nfailure, continuing to wait may result in a hung thread instead of a panic,\nwhich again may be better.\n\nSo fix the panic by removing the storvsc call to fc_eh_timed_out().  This\nallows storvsc to keep waiting for a response.  The change has been tested\nby users who experienced a panic in fc_eh_timed_out() due to transient\ntimeouts, and it solves their problem.\n\nIn the future we may want to deprecate the vFC functionality in storvsc\nsince it can\u0027t be fully fixed. But it has current users for whom it is\nworking well enough, so it should probably stay for a while longer."
    }
  ],
  "id": "CVE-2023-53245",
  "lastModified": "2025-09-15T15:22:27.090",
  "metrics": {},
  "published": "2025-09-15T15:15:51.683",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/048ebc9a28fb918ee635dd4b2fcf4248eb6e4050"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/1678408d08f31a694d5150a56796dd04c9710b22"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/175544ad48cbf56affeef2a679c6a4d4fb1e2881"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/311db605e07f0d4fc0cc7ddb74f1e5692ea2f469"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/763c06565055ae373fe7f89c11e1447bd1ded264"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/cd87f4df9865a53807001ed12c0f0420b14ececd"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/ed70fa5629a8b992a5372d7044d1db1f8fa6de29"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.