CVE-2022-49155
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/02/2025
Last modified:
13/03/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()<br />
<br />
[ 12.323788] BUG: using smp_processor_id() in preemptible [00000000] code: systemd-udevd/1020<br />
[ 12.332297] caller is qla2xxx_create_qpair+0x32a/0x5d0 [qla2xxx]<br />
[ 12.338417] CPU: 7 PID: 1020 Comm: systemd-udevd Tainted: G I --------- --- 5.14.0-29.el9.x86_64 #1<br />
[ 12.348827] Hardware name: Dell Inc. PowerEdge R610/0F0XJ6, BIOS 6.6.0 05/22/2018<br />
[ 12.356356] Call Trace:<br />
[ 12.358821] dump_stack_lvl+0x34/0x44<br />
[ 12.362514] check_preemption_disabled+0xd9/0xe0<br />
[ 12.367164] qla2xxx_create_qpair+0x32a/0x5d0 [qla2xxx]<br />
[ 12.372481] qla2x00_probe_one+0xa3a/0x1b80 [qla2xxx]<br />
[ 12.377617] ? _raw_spin_lock_irqsave+0x19/0x40<br />
[ 12.384284] local_pci_probe+0x42/0x80<br />
[ 12.390162] ? pci_match_device+0xd7/0x110<br />
[ 12.396366] pci_device_probe+0xfd/0x1b0<br />
[ 12.402372] really_probe+0x1e7/0x3e0<br />
[ 12.408114] __driver_probe_device+0xfe/0x180<br />
[ 12.414544] driver_probe_device+0x1e/0x90<br />
[ 12.420685] __driver_attach+0xc0/0x1c0<br />
[ 12.426536] ? __device_attach_driver+0xe0/0xe0<br />
[ 12.433061] ? __device_attach_driver+0xe0/0xe0<br />
[ 12.439538] bus_for_each_dev+0x78/0xc0<br />
[ 12.445294] bus_add_driver+0x12b/0x1e0<br />
[ 12.451021] driver_register+0x8f/0xe0<br />
[ 12.456631] ? 0xffffffffc07bc000<br />
[ 12.461773] qla2x00_module_init+0x1be/0x229 [qla2xxx]<br />
[ 12.468776] do_one_initcall+0x44/0x200<br />
[ 12.474401] ? load_module+0xad3/0xba0<br />
[ 12.479908] ? kmem_cache_alloc_trace+0x45/0x410<br />
[ 12.486268] do_init_module+0x5c/0x280<br />
[ 12.491730] __do_sys_init_module+0x12e/0x1b0<br />
[ 12.497785] do_syscall_64+0x3b/0x90<br />
[ 12.503029] entry_SYSCALL_64_after_hwframe+0x44/0xae<br />
[ 12.509764] RIP: 0033:0x7f554f73ab2e
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.14.276 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.238 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.189 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.110 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.33 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.16.19 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.17 (including) | 5.17.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1ab81d82fb1db7ec4be4b0d04563513e6d4bcdd5
- https://git.kernel.org/stable/c/43195a0c620761fbb88db04e2475313855b948a4
- https://git.kernel.org/stable/c/8077a7162bc3cf658dd9ff112bc77716c08458c5
- https://git.kernel.org/stable/c/9c33d49ab9f3d8bd7512b3070cd2f07c4a8849d5
- https://git.kernel.org/stable/c/a60447e7d451df42c7bde43af53b34f10f34f469
- https://git.kernel.org/stable/c/a669a22aef0ceff706b885370af74b5a60a8ac85
- https://git.kernel.org/stable/c/f68776f28d9134fa65056e7e63bfc734049730b7
- https://git.kernel.org/stable/c/f97316dd393bc8df1cc2af6295a97b876eecf252