github - ghsa-6wr3-prcq-pp4c

ghsa-6wr3-prcq-pp4c

Vulnerability from github

Published

2025-10-15 21:31

Modified

2025-10-15 21:31

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Fix scheduling while atomic

The driver makes a call into midlayer (fc_remote_port_delete) which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigger a crash. Schedule the call in non-interrupt context where it is more safe.

kernel: BUG: scheduling while atomic: swapper/7/0/0x00010000 kernel: Call Trace: kernel: kernel: dump_stack+0x66/0x81 kernel: __schedule_bug.cold.90+0x5/0x1d kernel: __schedule+0x7af/0x960 kernel: schedule+0x28/0x80 kernel: schedule_timeout+0x26d/0x3b0 kernel: wait_for_completion+0xb4/0x140 kernel: ? wake_up_q+0x70/0x70 kernel: __wait_rcu_gp+0x12c/0x160 kernel: ? sdev_evt_alloc+0xc0/0x180 [scsi_mod] kernel: synchronize_sched+0x6c/0x80 kernel: ? call_rcu_bh+0x20/0x20 kernel: ? __bpf_trace_rcu_invoke_callback+0x10/0x10 kernel: sdev_evt_alloc+0xfd/0x180 [scsi_mod] kernel: starget_for_each_device+0x85/0xb0 [scsi_mod] kernel: ? scsi_init_io+0x360/0x3d0 [scsi_mod] kernel: scsi_init_io+0x388/0x3d0 [scsi_mod] kernel: device_for_each_child+0x54/0x90 kernel: fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc] kernel: qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx] kernel: qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx] kernel: qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx] kernel: qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx] kernel: qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx] kernel: qla24xx_process_response_queue+0x306/0x400 [qla2xxx] kernel: qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx] kernel: __handle_irq_event_percpu+0x40/0x180 kernel: handle_irq_event_percpu+0x30/0x80 kernel: handle_irq_event+0x36/0x60

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-49156"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:00:52Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix scheduling while atomic\n\nThe driver makes a call into midlayer (fc_remote_port_delete) which can put\nthe thread to sleep. The thread that originates the call is in interrupt\ncontext. The combination of the two trigger a crash. Schedule the call in\nnon-interrupt context where it is more safe.\n\nkernel: BUG: scheduling while atomic: swapper/7/0/0x00010000\nkernel: Call Trace:\nkernel:  \u003cIRQ\u003e\nkernel:  dump_stack+0x66/0x81\nkernel:  __schedule_bug.cold.90+0x5/0x1d\nkernel:  __schedule+0x7af/0x960\nkernel:  schedule+0x28/0x80\nkernel:  schedule_timeout+0x26d/0x3b0\nkernel:  wait_for_completion+0xb4/0x140\nkernel:  ? wake_up_q+0x70/0x70\nkernel:  __wait_rcu_gp+0x12c/0x160\nkernel:  ? sdev_evt_alloc+0xc0/0x180 [scsi_mod]\nkernel:  synchronize_sched+0x6c/0x80\nkernel:  ? call_rcu_bh+0x20/0x20\nkernel:  ? __bpf_trace_rcu_invoke_callback+0x10/0x10\nkernel:  sdev_evt_alloc+0xfd/0x180 [scsi_mod]\nkernel:  starget_for_each_device+0x85/0xb0 [scsi_mod]\nkernel:  ? scsi_init_io+0x360/0x3d0 [scsi_mod]\nkernel:  scsi_init_io+0x388/0x3d0 [scsi_mod]\nkernel:  device_for_each_child+0x54/0x90\nkernel:  fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc]\nkernel:  qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx]\nkernel:  qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx]\nkernel:  qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx]\nkernel:  qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx]\nkernel:  qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx]\nkernel:  qla24xx_process_response_queue+0x306/0x400 [qla2xxx]\nkernel:  qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx]\nkernel:  __handle_irq_event_percpu+0x40/0x180\nkernel:  handle_irq_event_percpu+0x30/0x80\nkernel:  handle_irq_event+0x36/0x60",
  "id": "GHSA-6wr3-prcq-pp4c",
  "modified": "2025-10-15T21:31:38Z",
  "published": "2025-10-15T21:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49156"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/78225d6a2a4ffdb2250ce2b7691a9e68a3f86912"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/78612f2fe8e26637476d756a44f0f05cca0d97de"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7fef50214dd04427233a2e66cd624d468e67aecb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/826a9d4a00d1424afa961504aec6298ee92d5053"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/afd438ff874ca40b74321b3fa19bd61adfd7ca0c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2022-49156 (GCVE-0-2022-49156)

Vulnerability from cvelistv5

Published

2025-02-26 01:55

Modified

2025-05-04 08:31

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer (fc_remote_port_delete) which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigger a crash. Schedule the call in non-interrupt context where it is more safe. kernel: BUG: scheduling while atomic: swapper/7/0/0x00010000 kernel: Call Trace: kernel: <IRQ> kernel: dump_stack+0x66/0x81 kernel: __schedule_bug.cold.90+0x5/0x1d kernel: __schedule+0x7af/0x960 kernel: schedule+0x28/0x80 kernel: schedule_timeout+0x26d/0x3b0 kernel: wait_for_completion+0xb4/0x140 kernel: ? wake_up_q+0x70/0x70 kernel: __wait_rcu_gp+0x12c/0x160 kernel: ? sdev_evt_alloc+0xc0/0x180 [scsi_mod] kernel: synchronize_sched+0x6c/0x80 kernel: ? call_rcu_bh+0x20/0x20 kernel: ? __bpf_trace_rcu_invoke_callback+0x10/0x10 kernel: sdev_evt_alloc+0xfd/0x180 [scsi_mod] kernel: starget_for_each_device+0x85/0xb0 [scsi_mod] kernel: ? scsi_init_io+0x360/0x3d0 [scsi_mod] kernel: scsi_init_io+0x388/0x3d0 [scsi_mod] kernel: device_for_each_child+0x54/0x90 kernel: fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc] kernel: qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx] kernel: qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx] kernel: qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx] kernel: qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx] kernel: qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx] kernel: qla24xx_process_response_queue+0x306/0x400 [qla2xxx] kernel: qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx] kernel: __handle_irq_event_percpu+0x40/0x180 kernel: handle_irq_event_percpu+0x30/0x80 kernel: handle_irq_event+0x36/0x60

References

URL

Tags

	https://git.kernel.org/stable/c/7fef50214dd04427233a2e66cd624d468e67aecb
	https://git.kernel.org/stable/c/826a9d4a00d1424afa961504aec6298ee92d5053
	https://git.kernel.org/stable/c/78225d6a2a4ffdb2250ce2b7691a9e68a3f86912
	https://git.kernel.org/stable/c/78612f2fe8e26637476d756a44f0f05cca0d97de
	https://git.kernel.org/stable/c/afd438ff874ca40b74321b3fa19bd61adfd7ca0c

Impacted products

Vendor

Product

Version

Linux

Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2