{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49504", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T02:08:31.586Z", "datePublished": "2025-02-26T02:13:36.829Z", "dateUpdated": "2025-05-04T08:39:21.409Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:39:21.409Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Inhibit aborts if external loopback plug is inserted\n\nAfter running a short external loopback test, when the external loopback is\nremoved and a normal cable inserted that is directly connected to a target\ndevice, the system oops in the llpfc_set_rrq_active() routine.\n\nWhen the loopback was inserted an FLOGI was transmit. As we're looped back,\nwe receive the FLOGI request. The FLOGI is ABTS'd as we recognize the same\nwppn thus understand it's a loopback. However, as the ABTS sends address\ninformation the port is not set to (fffffe), the ABTS is dropped on the\nwire. A short 1 frame loopback test is run and completes before the ABTS\ntimes out. The looback is unplugged and the new cable plugged in, and the\nan FLOGI to the new device occurs and completes. Due to a mixup in ref\ncounting the completion of the new FLOGI releases the fabric ndlp. Then the\noriginal ABTS completes and references the released ndlp generating the\noops.\n\nCorrect by no-op'ing the ABTS when in loopback mode (it will be dropped\nanyway). Added a flag to track the mode to recognize when it should be\nno-op'd."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/lpfc/lpfc.h", "drivers/scsi/lpfc/lpfc_els.c", "drivers/scsi/lpfc/lpfc_hbadisc.c", "drivers/scsi/lpfc/lpfc_sli.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "a1516930cb605caee3bc7b4f3b7994b88c0b8505", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ead76d4c09b89f4c8d632648026a476a5a34fde8", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/lpfc/lpfc.h", "drivers/scsi/lpfc/lpfc_els.c", "drivers/scsi/lpfc/lpfc_hbadisc.c", "drivers/scsi/lpfc/lpfc_sli.c"], "versions": [{"version": "5.18.3", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.18.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a1516930cb605caee3bc7b4f3b7994b88c0b8505"}, {"url": "https://git.kernel.org/stable/c/ead76d4c09b89f4c8d632648026a476a5a34fde8"}], "title": "scsi: lpfc: Inhibit aborts if external loopback plug is inserted", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Inhibit aborts if external loopback plug is inserted\n\nAfter running a short external loopback test, when the external loopback is\nremoved and a normal cable inserted that is directly connected to a target\ndevice, the system oops in the llpfc_set_rrq_active() routine.\n\nWhen the loopback was inserted an FLOGI was transmit. As we're looped back,\nwe receive the FLOGI request. The FLOGI is ABTS'd as we recognize the same\nwppn thus understand it's a loopback. However, as the ABTS sends address\ninformation the port is not set to (fffffe), the ABTS is dropped on the\nwire. A short 1 frame loopback test is run and completes before the ABTS\ntimes out. The looback is unplugged and the new cable plugged in, and the\nan FLOGI to the new device occurs and completes. Due to a mixup in ref\ncounting the completion of the new FLOGI releases the fabric ndlp. Then the\noriginal ABTS completes and references the released ndlp generating the\noops.\n\nCorrect by no-op'ing the ABTS when in loopback mode (it will be dropped\nanyway). Added a flag to track the mode to recognize when it should be\nno-op'd."}], "id": "CVE-2022-49504", "lastModified": "2025-02-26T07:01:26.543", "metrics": {}, "published": "2025-02-26T07:01:26.543", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a1516930cb605caee3bc7b4f3b7994b88c0b8505"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ead76d4c09b89f4c8d632648026a476a5a34fde8"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"affected_release": [{"advisory": "RHSA-2022:8267", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}], "bugzilla": {"description": "kernel: scsi: lpfc: Inhibit aborts if external loopback plug is inserted", "id": "2347710", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347710"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nscsi: lpfc: Inhibit aborts if external loopback plug is inserted\nAfter running a short external loopback test, when the external loopback is\nremoved and a normal cable inserted that is directly connected to a target\ndevice, the system oops in the llpfc_set_rrq_active() routine.\nWhen the loopback was inserted an FLOGI was transmit. As we're looped back,\nwe receive the FLOGI request. The FLOGI is ABTS'd as we recognize the same\nwppn thus understand it's a loopback. However, as the ABTS sends address\ninformation the port is not set to (fffffe), the ABTS is dropped on the\nwire. A short 1 frame loopback test is run and completes before the ABTS\ntimes out. The looback is unplugged and the new cable plugged in, and the\nan FLOGI to the new device occurs and completes. Due to a mixup in ref\ncounting the completion of the new FLOGI releases the fabric ndlp. Then the\noriginal ABTS completes and references the released ndlp generating the\noops.\nCorrect by no-op'ing the ABTS when in loopback mode (it will be dropped\nanyway). Added a flag to track the mode to recognize when it should be\nno-op'd."], "name": "CVE-2022-49504", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49504\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49504\nhttps://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49504-9b25@gregkh/T"], "threat_severity": "Moderate"}