CVE-2023-52811

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool<br /> <br /> In practice the driver should never send more commands than are allocated<br /> to a queue&amp;#39;s event pool. In the unlikely event that this happens, the code<br /> asserts a BUG_ON, and in the case that the kernel is not configured to<br /> crash on panic returns a junk event pointer from the empty event list<br /> causing things to spiral from there. This BUG_ON is a historical artifact<br /> of the ibmvfc driver first being upstreamed, and it is well known now that<br /> the use of BUG_ON is bad practice except in the most unrecoverable<br /> scenario. There is nothing about this scenario that prevents the driver<br /> from recovering and carrying on.<br /> <br /> Remove the BUG_ON in question from ibmvfc_get_event() and return a NULL<br /> pointer in the case of an empty event pool. Update all call sites to<br /> ibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate<br /> failure or recovery action.