In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforehand opens kref imbalance race conditions. Fix by forcing the DA_ID to complete synchronously with usage of wait_queue.
History

Mon, 09 Dec 2024 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses CWE-362
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 4.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Fri, 22 Nov 2024 14:00:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Fri, 08 Nov 2024 05:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforehand opens kref imbalance race conditions. Fix by forcing the DA_ID to complete synchronously with usage of wait_queue.
Title scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-11-08T05:38:24.400Z

Updated: 2024-12-19T09:34:49.363Z

Reserved: 2024-10-21T19:36:19.966Z

Link: CVE-2024-50183

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2024-11-08T06:15:15.520

Modified: 2024-12-09T23:16:26.957

Link: CVE-2024-50183

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-11-08T00:00:00Z

Links: CVE-2024-50183 - Bugzilla