CVE-2025-38238

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out<br /> <br /> When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to<br /> send ABTS for each of them. On send completion, this causes an attempt to<br /> free the same frame twice that leads to a crash.<br /> <br /> Fix crash by allocating separate frames for RHBA and RPA, and modify ABTS<br /> logic accordingly.<br /> <br /> Tested by checking MDS for FDMI information.<br /> <br /> Tested by using instrumented driver to:<br /> <br /> - Drop PLOGI response<br /> - Drop RHBA response<br /> - Drop RPA response<br /> - Drop RHBA and RPA response<br /> - Drop PLOGI response + ABTS response<br /> - Drop RHBA response + ABTS response<br /> - Drop RPA response + ABTS response<br /> - Drop RHBA and RPA response + ABTS response for both of them