{ "threat_severity" : "Moderate", "public_date" : "2025-12-24T00:00:00Z", "bugzilla" : { "description" : "kernel: Linux kernel: Hard lockup in lpfc driver leads to Denial of Service", "id" : "2425198", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2425198" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-413", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nscsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs\nDuring I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a\nhard lockup similar to the call trace below may occur.\nThe spin_lock_bh in lpfc_rx_monitor_report is not protecting from timer\ninterrupts as expected, so change the strength of the spin lock to _irq.\nKernel panic - not syncing: Hard LOCKUP\nCPU: 3 PID: 110402 Comm: cat Kdump: loaded\nexception RIP: native_queued_spin_lock_slowpath+91\n[IRQ stack]\nnative_queued_spin_lock_slowpath at ffffffffb814e30b\n_raw_spin_lock at ffffffffb89a667a\nlpfc_rx_monitor_record at ffffffffc0a73a36 [lpfc]\nlpfc_cmf_timer at ffffffffc0abbc67 [lpfc]\n__hrtimer_run_queues at ffffffffb8184250\nhrtimer_interrupt at ffffffffb8184ab0\nsmp_apic_timer_interrupt at ffffffffb8a026ba\napic_timer_interrupt at ffffffffb8a01c4f\n[End of IRQ stack]\napic_timer_interrupt at ffffffffb8a01c4f\nlpfc_rx_monitor_report at ffffffffc0a73c80 [lpfc]\nlpfc_rx_monitor_read at ffffffffc0addde1 [lpfc]\nfull_proxy_read at ffffffffb83e7fc3\nvfs_read at ffffffffb833fe71\nksys_read at ffffffffb83402af\ndo_syscall_64 at ffffffffb800430b\nentry_SYSCALL_64_after_hwframe at ffffffffb8a000ad", "A flaw was found in the Linux kernel. A local user could trigger a hard lockup by concurrently reading the `rx_monitor` from `debugfs` during I/O operations in the `lpfc` driver. This concurrency issue, caused by insufficient spin lock protection, leads to a system crash and results in a Denial of Service (DoS)." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-05-16T00:00:00Z", "advisory" : "RHSA-2023:2951", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-477.10.1.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2458", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-284.11.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2458", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-284.11.1.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Fix deferred", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-50744\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50744\nhttps://lore.kernel.org/linux-cve-announce/2025122449-CVE-2022-50744-bc80@gregkh/T" ], "name" : "CVE-2022-50744", "csaw" : false }