CVE-2022-50098
scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
18 jun 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts
Ensure SRB is returned during I/O timeout error escalation. If that is not
possible fail the escalation path.
Following crash stack was seen:
BUG: unable to handle kernel paging request at 0000002f56aa90f8
IP: qla_chk_edif_rx_sa_delete_pending+0x14/0x30 [qla2xxx]
Call Trace:
? qla2x00_status_entry+0x19f/0x1c50 [qla2xxx]
? qla2x00_start_sp+0x116/0x1170 [qla2xxx]
? dma_pool_alloc+0x1d6/0x210
? mempool_alloc+0x54/0x130
? qla24xx_process_response_queue+0x548/0x12b0 [qla2xxx]
? qla_do_work+0x2d/0x40 [qla2xxx]
? process_one_work+0x14c/0x390
Productos afectados
Linux · Linux