cve/published/2022/CVE-2022-48825.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2022-48825: scsi: qedf: Add stag_work to all the vports

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 scsi: qedf: Add stag_work to all the vports

 Call trace seen when creating NPIV ports, only 32 out of 64 show online.
 stag work was not initialized for vport, hence initialize the stag work.

 WARNING: CPU: 8 PID: 645 at kernel/workqueue.c:1635 __queue_delayed_work+0x68/0x80
 CPU: 8 PID: 645 Comm: kworker/8:1 Kdump: loaded Tainted: G IOE    --------- --
  4.18.0-348.el8.x86_64 #1
 Hardware name: Dell Inc. PowerEdge MX740c/0177V9, BIOS 2.12.2 07/09/2021
 Workqueue: events fc_lport_timeout [libfc]
 RIP: 0010:__queue_delayed_work+0x68/0x80
 Code: 89 b2 88 00 00 00 44 89 82 90 00 00 00 48 01 c8 48 89 42 50 41 81
 f8 00 20 00 00 75 1d e9 60 24 07 00 44 89 c7 e9 98 f6 ff ff <0f> 0b eb
 c5 0f 0b eb a1 0f 0b eb a7 0f 0b eb ac 44 89 c6 e9 40 23
 RSP: 0018:ffffae514bc3be40 EFLAGS: 00010006
 RAX: ffff8d25d6143750 RBX: 0000000000000202 RCX: 0000000000000002
 RDX: ffff8d2e31383748 RSI: ffff8d25c000d600 RDI: ffff8d2e31383788
 RBP: ffff8d2e31380de0 R08: 0000000000002000 R09: ffff8d2e31383750
 R10: ffffffffc0c957e0 R11: ffff8d2624800000 R12: ffff8d2e31380a58
 R13: ffff8d2d915eb000 R14: ffff8d25c499b5c0 R15: ffff8d2e31380e18
 FS:  0000000000000000(0000) GS:ffff8d2d1fb00000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 000055fd0484b8b8 CR3: 00000008ffc10006 CR4: 00000000007706e0
 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
 PKRU: 55555554
 Call Trace:
   queue_delayed_work_on+0x36/0x40
   qedf_elsct_send+0x57/0x60 [qedf]
   fc_lport_enter_flogi+0x90/0xc0 [libfc]
   fc_lport_timeout+0xb7/0x140 [libfc]
   process_one_work+0x1a7/0x360
   ? create_worker+0x1a0/0x1a0
   worker_thread+0x30/0x390
   ? create_worker+0x1a0/0x1a0
   kthread+0x116/0x130
   ? kthread_flush_work_fn+0x10/0x10
   ret_from_fork+0x35/0x40
  ---[ end trace 008f00f722f2c2ff ]--

 Initialize stag work for all the vports.

 The Linux kernel CVE team has assigned CVE-2022-48825 to this issue.


 Affected and fixed versions
 ===========================

 	Fixed in 5.10.101 with commit aa7352aa155e19815b41f09f114fe9f110fde4d8
 	Fixed in 5.15.24 with commit 1f53bbf27a876f7e61262bd74c18680ac11d4c31
 	Fixed in 5.16.10 with commit 0be556512cd0dfcf5ec1a140d9f42d88221a5d4e
 	Fixed in 5.17 with commit b70a99fd13282d7885f69bf1372e28b7506a1613

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2022-48825
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/scsi/qedf/qedf_main.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/aa7352aa155e19815b41f09f114fe9f110fde4d8
 	https://git.kernel.org/stable/c/1f53bbf27a876f7e61262bd74c18680ac11d4c31
 	https://git.kernel.org/stable/c/0be556512cd0dfcf5ec1a140d9f42d88221a5d4e
 	https://git.kernel.org/stable/c/b70a99fd13282d7885f69bf1372e28b7506a1613
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2022-48825: scsi: qedf: Add stag_work to all the vports

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	scsi: qedf: Add stag_work to all the vports

	Call trace seen when creating NPIV ports, only 32 out of 64 show online.
	stag work was not initialized for vport, hence initialize the stag work.

	WARNING: CPU: 8 PID: 645 at kernel/workqueue.c:1635 __queue_delayed_work+0x68/0x80
	CPU: 8 PID: 645 Comm: kworker/8:1 Kdump: loaded Tainted: G IOE --------- --
	4.18.0-348.el8.x86_64 #1
	Hardware name: Dell Inc. PowerEdge MX740c/0177V9, BIOS 2.12.2 07/09/2021
	Workqueue: events fc_lport_timeout [libfc]
	RIP: 0010:__queue_delayed_work+0x68/0x80
	Code: 89 b2 88 00 00 00 44 89 82 90 00 00 00 48 01 c8 48 89 42 50 41 81
	f8 00 20 00 00 75 1d e9 60 24 07 00 44 89 c7 e9 98 f6 ff ff <0f> 0b eb
	c5 0f 0b eb a1 0f 0b eb a7 0f 0b eb ac 44 89 c6 e9 40 23
	RSP: 0018:ffffae514bc3be40 EFLAGS: 00010006
	RAX: ffff8d25d6143750 RBX: 0000000000000202 RCX: 0000000000000002
	RDX: ffff8d2e31383748 RSI: ffff8d25c000d600 RDI: ffff8d2e31383788
	RBP: ffff8d2e31380de0 R08: 0000000000002000 R09: ffff8d2e31383750
	R10: ffffffffc0c957e0 R11: ffff8d2624800000 R12: ffff8d2e31380a58
	R13: ffff8d2d915eb000 R14: ffff8d25c499b5c0 R15: ffff8d2e31380e18
	FS: 0000000000000000(0000) GS:ffff8d2d1fb00000(0000) knlGS:0000000000000000
	CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
	CR2: 000055fd0484b8b8 CR3: 00000008ffc10006 CR4: 00000000007706e0
	DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
	DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
	PKRU: 55555554
	Call Trace:
	queue_delayed_work_on+0x36/0x40
	qedf_elsct_send+0x57/0x60 [qedf]
	fc_lport_enter_flogi+0x90/0xc0 [libfc]
	fc_lport_timeout+0xb7/0x140 [libfc]
	process_one_work+0x1a7/0x360
	? create_worker+0x1a0/0x1a0
	worker_thread+0x30/0x390
	? create_worker+0x1a0/0x1a0
	kthread+0x116/0x130
	? kthread_flush_work_fn+0x10/0x10
	ret_from_fork+0x35/0x40
	---[ end trace 008f00f722f2c2ff ]--

	Initialize stag work for all the vports.

	The Linux kernel CVE team has assigned CVE-2022-48825 to this issue.


	Affected and fixed versions
	===========================

	Fixed in 5.10.101 with commit aa7352aa155e19815b41f09f114fe9f110fde4d8
	Fixed in 5.15.24 with commit 1f53bbf27a876f7e61262bd74c18680ac11d4c31
	Fixed in 5.16.10 with commit 0be556512cd0dfcf5ec1a140d9f42d88221a5d4e
	Fixed in 5.17 with commit b70a99fd13282d7885f69bf1372e28b7506a1613

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2022-48825
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/scsi/qedf/qedf_main.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/aa7352aa155e19815b41f09f114fe9f110fde4d8
	https://git.kernel.org/stable/c/1f53bbf27a876f7e61262bd74c18680ac11d4c31
	https://git.kernel.org/stable/c/0be556512cd0dfcf5ec1a140d9f42d88221a5d4e
	https://git.kernel.org/stable/c/b70a99fd13282d7885f69bf1372e28b7506a1613