CVE-2024-42289 Information
Description
In the Linux kernel the following vulnerability has been resolved:
scsi: qla2xxx: During vport delete send async logout explicitly
During vport delete it is observed that during unload we hit a crash because of stale entries in outstanding command array. For all these stale I/O entries eh_abort was issued and aborted (fast_fail_io = 2009h) but I/Os could not complete while vport delete is in process of deleting.
BUG: kernel NULL pointer dereference address: 000000000000001c
PF: supervisor read access in kernel mode
PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: 0000 [1] PREEMPT SMP NOPTI
Workqueue: qla2xxx_wq qla_do_work [qla2xxx]
RIP: 0010:dma_direct_unmap_sg+0x51/0x1e0
RSP: 0018:ffffa1e1e150fc68 EFLAGS: 00010046
RAX: 0000000000000000 RBX: 0000000000000021 RCX: 0000000000000001
RDX: 0000000000000021 RSI: 0000000000000000 RDI: ffff8ce208a7a0d0
RBP: ffff8ce208a7a0d0 R08: 0000000000000000 R09: ffff8ce378aac9c8
R10: ffff8ce378aac8a0 R11: ffffa1e1e150f9d8 R12: 0000000000000000
R13: 0000000000000000 R14: ffff8ce378aac9c8 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8d217f000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000001c CR3: 0000002089acc000 CR4: 0000000000350ee0
Call Trace:
Send out async logout explicitly for all the ports during vport delete.
Reference
https://git.kernel.org/stable/c/d28a2075bb530489715a3b011e1dd8765ba20313 https://git.kernel.org/stable/c/87c25fcb95aafabb6a4914239f4ab41b07a4f9b7 https://git.kernel.org/stable/c/b35d6d5a2f38605cddea7d5c64cded894fbe8ede https://git.kernel.org/stable/c/76f480d7c717368f29a3870f7d64471ce0ff8fb2
Share on: