Huawei EulerOS: CVE-2022-48715: kernel security update

发布于3月6日3月6日

Members

Huawei EulerOS: CVE-2022-48715: kernel security update

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

06/20/2024

Created

10/10/2024

Added

10/09/2024

Modified

10/09/2024

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way.Just boot a debug kernel and run the bnx2fc driver with the hardware enabled. [ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_ [ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: GB [ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013 [ 1391.699183] Call Trace: [ 1391.699188]dump_stack_lvl+0x57/0x7d [ 1391.699198]check_preemption_disabled+0xc8/0xd0 [ 1391.699205]bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc] [ 1391.699215]? do_raw_spin_trylock+0xb5/0x180 [ 1391.699221]? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc] [ 1391.699229]? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc] [ 1391.699240]bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc] [ 1391.699250]? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc] [ 1391.699258]kthread+0x364/0x420 [ 1391.699263]? _raw_spin_unlock_irq+0x24/0x50 [ 1391.699268]? set_kthread_struct+0x100/0x100 [ 1391.699273]ret_from_fork+0x22/0x30 Restore the old get_cpu/put_cpu code with some modifications to reduce the size of the critical section.