CVE-2024-36952
scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
There are cases after NPIV deletion where the fabric switch still believes
the NPIV is logged into the fabric. This occurs when a vport is
unregistered before the Remove All DA_ID CT and LOGO ELS are sent to the
fabric.
Currently fc_remove_host(), which calls dev_loss_tmo for all D_IDs including
the fabric D_ID, removes the last ndlp reference and frees the ndlp rport
object. This sometimes causes the race condition where the final DA_ID and
LOGO are skipped from being sent to the fabric switch.
Fix by moving the fc_remove_host() and scsi_remove_host() calls after DA_ID
and LOGO are sent.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: scsi: lpfc: Mover la anulación del registro de transporte de NPIV a después de la limpieza de recursos. Hay casos después de la eliminación de NPIV en los que el conmutador de tejido todavía cree que el NPIV está registrado en el tejido. Esto ocurre cuando se cancela el registro de un vport antes de que Remove All DA_ID CT y LOGO ELS se envíen a la estructura. Actualmente, fc_remove_host(), que llama a dev_loss_tmo para todos los D_ID, incluido el D_ID de tejido, elimina la última referencia de ndlp y libera el objeto de informe de ndlp. Esto a veces provoca la condición de ejecución en la que el DA_ID y el LOGO finales no se envían al conmutador de estructura. Para solucionarlo, mueva las llamadas fc_remove_host() y scsi_remove_host() después de enviar DA_ID y LOGO.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-30 CVE Reserved
- 2024-05-30 CVE Published
- 2024-05-31 EPSS Updated
- 2024-11-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-459: Incomplete Cleanup
CAPEC
References (7)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2024-36952 | 2024-10-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2284598 | 2024-10-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.15.159 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.159" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.1.91 Search vendor "Linux" for product "Linux Kernel" and version " < 6.1.91" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.6.31 Search vendor "Linux" for product "Linux Kernel" and version " < 6.6.31" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.8.10 Search vendor "Linux" for product "Linux Kernel" and version " < 6.8.10" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " < 6.9" | en |
Affected
| ||||||