CVE-2022-49504

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> scsi: lpfc: Inhibit aborts if external loopback plug is inserted<br /> <br /> After running a short external loopback test, when the external loopback is<br /> removed and a normal cable inserted that is directly connected to a target<br /> device, the system oops in the llpfc_set_rrq_active() routine.<br /> <br /> When the loopback was inserted an FLOGI was transmit. As we&amp;#39;re looped back,<br /> we receive the FLOGI request. The FLOGI is ABTS&amp;#39;d as we recognize the same<br /> wppn thus understand it&amp;#39;s a loopback. However, as the ABTS sends address<br /> information the port is not set to (fffffe), the ABTS is dropped on the<br /> wire. A short 1 frame loopback test is run and completes before the ABTS<br /> times out. The looback is unplugged and the new cable plugged in, and the<br /> an FLOGI to the new device occurs and completes. Due to a mixup in ref<br /> counting the completion of the new FLOGI releases the fabric ndlp. Then the<br /> original ABTS completes and references the released ndlp generating the<br /> oops.<br /> <br /> Correct by no-op&amp;#39;ing the ABTS when in loopback mode (it will be dropped<br /> anyway). Added a flag to track the mode to recognize when it should be<br /> no-op&amp;#39;d.