Vulnerability-Lookup

FKIE_CVE-2022-49156

Vulnerability from fkie_nvd - Published: 2025-02-26 07:00 - Updated: 2025-10-15 19:40

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer (fc_remote_port_delete) which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigger a crash. Schedule the call in non-interrupt context where it is more safe. kernel: BUG: scheduling while atomic: swapper/7/0/0x00010000 kernel: Call Trace: kernel: <IRQ> kernel: dump_stack+0x66/0x81 kernel: __schedule_bug.cold.90+0x5/0x1d kernel: __schedule+0x7af/0x960 kernel: schedule+0x28/0x80 kernel: schedule_timeout+0x26d/0x3b0 kernel: wait_for_completion+0xb4/0x140 kernel: ? wake_up_q+0x70/0x70 kernel: __wait_rcu_gp+0x12c/0x160 kernel: ? sdev_evt_alloc+0xc0/0x180 [scsi_mod] kernel: synchronize_sched+0x6c/0x80 kernel: ? call_rcu_bh+0x20/0x20 kernel: ? __bpf_trace_rcu_invoke_callback+0x10/0x10 kernel: sdev_evt_alloc+0xfd/0x180 [scsi_mod] kernel: starget_for_each_device+0x85/0xb0 [scsi_mod] kernel: ? scsi_init_io+0x360/0x3d0 [scsi_mod] kernel: scsi_init_io+0x388/0x3d0 [scsi_mod] kernel: device_for_each_child+0x54/0x90 kernel: fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc] kernel: qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx] kernel: qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx] kernel: qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx] kernel: qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx] kernel: qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx] kernel: qla24xx_process_response_queue+0x306/0x400 [qla2xxx] kernel: qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx] kernel: __handle_irq_event_percpu+0x40/0x180 kernel: handle_irq_event_percpu+0x30/0x80 kernel: handle_irq_event+0x36/0x60

References

URL	Tags
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/78225d6a2a4ffdb2250ce2b7691a9e68a3f86912	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/78612f2fe8e26637476d756a44f0f05cca0d97de	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/7fef50214dd04427233a2e66cd624d468e67aecb	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/826a9d4a00d1424afa961504aec6298ee92d5053	Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/afd438ff874ca40b74321b3fa19bd61adfd7ca0c	Patch

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9CDD38D-425B-44B2-A60F-7E0DB2E4A472",
              "versionEndExcluding": "5.10.110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27C42AE8-B387-43E2-938A-E1C8B40BE6D5",
              "versionEndExcluding": "5.15.33",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20C43679-0439-405A-B97F-685BEE50613B",
              "versionEndExcluding": "5.16.19",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "210C679C-CF84-44A3-8939-E629C87E54BF",
              "versionEndExcluding": "5.17.2",
              "versionStartIncluding": "5.17",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix scheduling while atomic\n\nThe driver makes a call into midlayer (fc_remote_port_delete) which can put\nthe thread to sleep. The thread that originates the call is in interrupt\ncontext. The combination of the two trigger a crash. Schedule the call in\nnon-interrupt context where it is more safe.\n\nkernel: BUG: scheduling while atomic: swapper/7/0/0x00010000\nkernel: Call Trace:\nkernel:  \u003cIRQ\u003e\nkernel:  dump_stack+0x66/0x81\nkernel:  __schedule_bug.cold.90+0x5/0x1d\nkernel:  __schedule+0x7af/0x960\nkernel:  schedule+0x28/0x80\nkernel:  schedule_timeout+0x26d/0x3b0\nkernel:  wait_for_completion+0xb4/0x140\nkernel:  ? wake_up_q+0x70/0x70\nkernel:  __wait_rcu_gp+0x12c/0x160\nkernel:  ? sdev_evt_alloc+0xc0/0x180 [scsi_mod]\nkernel:  synchronize_sched+0x6c/0x80\nkernel:  ? call_rcu_bh+0x20/0x20\nkernel:  ? __bpf_trace_rcu_invoke_callback+0x10/0x10\nkernel:  sdev_evt_alloc+0xfd/0x180 [scsi_mod]\nkernel:  starget_for_each_device+0x85/0xb0 [scsi_mod]\nkernel:  ? scsi_init_io+0x360/0x3d0 [scsi_mod]\nkernel:  scsi_init_io+0x388/0x3d0 [scsi_mod]\nkernel:  device_for_each_child+0x54/0x90\nkernel:  fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc]\nkernel:  qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx]\nkernel:  qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx]\nkernel:  qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx]\nkernel:  qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx]\nkernel:  qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx]\nkernel:  qla24xx_process_response_queue+0x306/0x400 [qla2xxx]\nkernel:  qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx]\nkernel:  __handle_irq_event_percpu+0x40/0x180\nkernel:  handle_irq_event_percpu+0x30/0x80\nkernel:  handle_irq_event+0x36/0x60"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: qla2xxx: Fix scheduling while atomic El controlador realiza una llamada a la capa intermedia (fc_remote_port_delete) que puede poner el hilo en suspensi\u00f3n. El hilo que origina la llamada est\u00e1 en un contexto de interrupci\u00f3n. La combinaci\u00f3n de los dos desencadena un bloqueo. Programe la llamada en un contexto sin interrupciones donde sea m\u00e1s seguro. n\u00facleo: ERROR: programaci\u00f3n mientras at\u00f3mico: swapper/7/0/0x00010000 n\u00facleo: Seguimiento de llamadas: n\u00facleo:  kernel: dump_stack+0x66/0x81 kernel: __schedule_bug.cold.90+0x5/0x1d kernel: __schedule+0x7af/0x960 kernel: schedule+0x28/0x80 kernel: schedule_timeout+0x26d/0x3b0 kernel: wait_for_completion+0xb4/0x140 kernel: ? wake_up_q+0x70/0x70 kernel: __wait_rcu_gp+0x12c/0x160 kernel: ? sdev_evt_alloc+0xc0/0x180 [scsi_mod] kernel: synchronize_sched+0x6c/0x80 kernel: ? call_rcu_bh+0x20/0x20 kernel: ? __bpf_trace_rcu_invoke_callback+0x10/0x10 kernel: sdev_evt_alloc+0xfd/0x180 [scsi_mod] kernel: starget_for_each_device+0x85/0xb0 [scsi_mod] kernel: ? scsi_init_io+0x360/0x3d0 [scsi_mod] kernel: scsi_init_io+0x388/0x3d0 [scsi_mod] kernel: device_for_each_child+0x54/0x90 kernel: fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc] kernel: qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx] kernel: qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx] kernel: qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx] kernel: qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx] kernel: qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx] kernel: qla24xx_process_response_queue+0x306/0x400 [qla2xxx] kernel: qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx] kernel: __handle_irq_event_percpu+0x40/0x180 kernel: handle_irq_event_percpu+0x30/0x80 kernel: handle_irq_event+0x36/0x60"
    }
  ],
  "id": "CVE-2022-49156",
  "lastModified": "2025-10-15T19:40:49.500",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-02-26T07:00:52.823",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/78225d6a2a4ffdb2250ce2b7691a9e68a3f86912"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/78612f2fe8e26637476d756a44f0f05cca0d97de"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/7fef50214dd04427233a2e66cd624d468e67aecb"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/826a9d4a00d1424afa961504aec6298ee92d5053"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/afd438ff874ca40b74321b3fa19bd61adfd7ca0c"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2022-49156 (GCVE-0-2022-49156)

Vulnerability from cvelistv5 – Published: 2025-02-26 01:55 – Updated: 2025-12-23 13:22

Title

scsi: qla2xxx: Fix scheduling while atomic

Summary

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/7fef50214dd044272…
	https://git.kernel.org/stable/c/826a9d4a00d1424af…
	https://git.kernel.org/stable/c/78225d6a2a4ffdb22…
	https://git.kernel.org/stable/c/78612f2fe8e266374…
	https://git.kernel.org/stable/c/afd438ff874ca40b7…

Impacted products

Vendor

Product

Version

Linux

Affected: 726b85487067d7f5b23495bc33c484b8517c4074 , < 7fef50214dd04427233a2e66cd624d468e67aecb (git)
Affected: 726b85487067d7f5b23495bc33c484b8517c4074 , < 826a9d4a00d1424afa961504aec6298ee92d5053 (git)
Affected: 726b85487067d7f5b23495bc33c484b8517c4074 , < 78225d6a2a4ffdb2250ce2b7691a9e68a3f86912 (git)
Affected: 726b85487067d7f5b23495bc33c484b8517c4074 , < 78612f2fe8e26637476d756a44f0f05cca0d97de (git)
Affected: 726b85487067d7f5b23495bc33c484b8517c4074 , < afd438ff874ca40b74321b3fa19bd61adfd7ca0c (git)

Linux

Affected: 4.11
Unaffected: 0 , < 4.11 (semver)
Unaffected: 5.10.110 , ≤ 5.10.* (semver)
Unaffected: 5.15.33 , ≤ 5.15.* (semver)
Unaffected: 5.16.19 , ≤ 5.16.* (semver)
Unaffected: 5.17.2 , ≤ 5.17.* (semver)
Unaffected: 5.18 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qla2xxx/qla_init.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7fef50214dd04427233a2e66cd624d468e67aecb",
              "status": "affected",
              "version": "726b85487067d7f5b23495bc33c484b8517c4074",
              "versionType": "git"
            },
            {
              "lessThan": "826a9d4a00d1424afa961504aec6298ee92d5053",
              "status": "affected",
              "version": "726b85487067d7f5b23495bc33c484b8517c4074",
              "versionType": "git"
            },
            {
              "lessThan": "78225d6a2a4ffdb2250ce2b7691a9e68a3f86912",
              "status": "affected",
              "version": "726b85487067d7f5b23495bc33c484b8517c4074",
              "versionType": "git"
            },
            {
              "lessThan": "78612f2fe8e26637476d756a44f0f05cca0d97de",
              "status": "affected",
              "version": "726b85487067d7f5b23495bc33c484b8517c4074",
              "versionType": "git"
            },
            {
              "lessThan": "afd438ff874ca40b74321b3fa19bd61adfd7ca0c",
              "status": "affected",
              "version": "726b85487067d7f5b23495bc33c484b8517c4074",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/qla2xxx/qla_init.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.11"
            },
            {
              "lessThan": "4.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.110",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.33",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.17.*",
              "status": "unaffected",
              "version": "5.17.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.110",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.33",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16.19",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.17.2",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18",
                  "versionStartIncluding": "4.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix scheduling while atomic\n\nThe driver makes a call into midlayer (fc_remote_port_delete) which can put\nthe thread to sleep. The thread that originates the call is in interrupt\ncontext. The combination of the two trigger a crash. Schedule the call in\nnon-interrupt context where it is more safe.\n\nkernel: BUG: scheduling while atomic: swapper/7/0/0x00010000\nkernel: Call Trace:\nkernel:  \u003cIRQ\u003e\nkernel:  dump_stack+0x66/0x81\nkernel:  __schedule_bug.cold.90+0x5/0x1d\nkernel:  __schedule+0x7af/0x960\nkernel:  schedule+0x28/0x80\nkernel:  schedule_timeout+0x26d/0x3b0\nkernel:  wait_for_completion+0xb4/0x140\nkernel:  ? wake_up_q+0x70/0x70\nkernel:  __wait_rcu_gp+0x12c/0x160\nkernel:  ? sdev_evt_alloc+0xc0/0x180 [scsi_mod]\nkernel:  synchronize_sched+0x6c/0x80\nkernel:  ? call_rcu_bh+0x20/0x20\nkernel:  ? __bpf_trace_rcu_invoke_callback+0x10/0x10\nkernel:  sdev_evt_alloc+0xfd/0x180 [scsi_mod]\nkernel:  starget_for_each_device+0x85/0xb0 [scsi_mod]\nkernel:  ? scsi_init_io+0x360/0x3d0 [scsi_mod]\nkernel:  scsi_init_io+0x388/0x3d0 [scsi_mod]\nkernel:  device_for_each_child+0x54/0x90\nkernel:  fc_remote_port_delete+0x70/0xe0 [scsi_transport_fc]\nkernel:  qla2x00_schedule_rport_del+0x62/0xf0 [qla2xxx]\nkernel:  qla2x00_mark_device_lost+0x9c/0xd0 [qla2xxx]\nkernel:  qla24xx_handle_plogi_done_event+0x55f/0x570 [qla2xxx]\nkernel:  qla2x00_async_login_sp_done+0xd2/0x100 [qla2xxx]\nkernel:  qla24xx_logio_entry+0x13a/0x3c0 [qla2xxx]\nkernel:  qla24xx_process_response_queue+0x306/0x400 [qla2xxx]\nkernel:  qla24xx_msix_rsp_q+0x3f/0xb0 [qla2xxx]\nkernel:  __handle_irq_event_percpu+0x40/0x180\nkernel:  handle_irq_event_percpu+0x30/0x80\nkernel:  handle_irq_event+0x36/0x60"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-23T13:22:14.492Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7fef50214dd04427233a2e66cd624d468e67aecb"
        },
        {
          "url": "https://git.kernel.org/stable/c/826a9d4a00d1424afa961504aec6298ee92d5053"
        },
        {
          "url": "https://git.kernel.org/stable/c/78225d6a2a4ffdb2250ce2b7691a9e68a3f86912"
        },
        {
          "url": "https://git.kernel.org/stable/c/78612f2fe8e26637476d756a44f0f05cca0d97de"
        },
        {
          "url": "https://git.kernel.org/stable/c/afd438ff874ca40b74321b3fa19bd61adfd7ca0c"
        }
      ],
      "title": "scsi: qla2xxx: Fix scheduling while atomic",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49156",
    "datePublished": "2025-02-26T01:55:20.285Z",
    "dateReserved": "2025-02-26T01:49:39.275Z",
    "dateUpdated": "2025-12-23T13:22:14.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2022-49156

CVE-2022-49156 (GCVE-0-2022-49156)

Tags

Sightings

Nomenclature