{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48758", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-20T11:09:39.059Z", "datePublished": "2024-06-20T11:13:37.204Z", "dateUpdated": "2025-05-04T08:22:29.195Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:22:29.195Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port's destroy_work queue. It's not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w &\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group 'power' not found for kobject 'rport-2:0-0'\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/bnx2fc/bnx2fc_fcoe.c"], "versions": [{"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "2a12fe8248a38437b95b942bbe85aced72e6e2eb", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "262550f29c750f7876b6ed1244281e72b64ebffb", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "c93a290c862ccfa404e42d7420565730d67cbff9", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "de6336b17a1376db1c0f7a528cce8783db0881c0", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "bf2bd892a0cb14dd2d21f2c658f4b747813be311", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "00849de10f798a9538242824a51b1756e7110754", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "b11e34f7bab21df36f02a5e54fb69e858c09a65d", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "ace7b6ef41251c5fe47f629a9a922382fb7b0a6b", "status": "affected", "versionType": "git"}, {"version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "847f9ea4c5186fdb7b84297e3eeed9e340e83fce", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/bnx2fc/bnx2fc_fcoe.c"], "versions": [{"version": "3.2", "status": "affected"}, {"version": "0", "lessThan": "3.2", "status": "unaffected", "versionType": "semver"}, {"version": "4.4.302", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.300", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.265", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.228", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.176", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.96", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.19", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16.5", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "4.4.302"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "4.9.300"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "4.14.265"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "4.19.228"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "5.4.176"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "5.10.96"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "5.15.19"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "5.16.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.2", "versionEndExcluding": "5.17"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb"}, {"url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb"}, {"url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9"}, {"url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0"}, {"url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311"}, {"url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754"}, {"url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d"}, {"url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b"}, {"url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce"}], "title": "scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-20T14:53:30.492120Z", "id": "CVE-2022-48758", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-27T18:16:35.348Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:00.353Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:00.353Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48758", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-20T14:53:30.492120Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-27T18:16:29.468Z"}}], "cna": {"title": "scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "2a12fe8248a38437b95b942bbe85aced72e6e2eb", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "262550f29c750f7876b6ed1244281e72b64ebffb", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "c93a290c862ccfa404e42d7420565730d67cbff9", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "de6336b17a1376db1c0f7a528cce8783db0881c0", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "bf2bd892a0cb14dd2d21f2c658f4b747813be311", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "00849de10f798a9538242824a51b1756e7110754", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "b11e34f7bab21df36f02a5e54fb69e858c09a65d", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "ace7b6ef41251c5fe47f629a9a922382fb7b0a6b", "versionType": "git"}, {"status": "affected", "version": "0cbf32e1681d870632a1772601cbaadd996dc978", "lessThan": "847f9ea4c5186fdb7b84297e3eeed9e340e83fce", "versionType": "git"}], "programFiles": ["drivers/scsi/bnx2fc/bnx2fc_fcoe.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3.2"}, {"status": "unaffected", "version": "0", "lessThan": "3.2", "versionType": "semver"}, {"status": "unaffected", "version": "4.4.302", "versionType": "semver", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.300", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.265", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.228", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.176", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.96", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.19", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16.5", "versionType": "semver", "lessThanOrEqual": "5.16.*"}, {"status": "unaffected", "version": "5.17", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/scsi/bnx2fc/bnx2fc_fcoe.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb"}, {"url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb"}, {"url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9"}, {"url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0"}, {"url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311"}, {"url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754"}, {"url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d"}, {"url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b"}, {"url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port's destroy_work queue. It's not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w &\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group 'power' not found for kobject 'rport-2:0-0'\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.4.302", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.9.300", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.265", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.228", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.176", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.96", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.19", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16.5", "versionStartIncluding": "3.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.17", "versionStartIncluding": "3.2"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:22:29.195Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48758", "state": "PUBLISHED", "dateUpdated": "2025-05-04T08:22:29.195Z", "dateReserved": "2024-06-20T11:09:39.059Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-20T11:13:37.204Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5CD5050-1CA7-4785-B7CB-41F9302F68CF", "versionEndExcluding": "4.4.302", "versionStartIncluding": "3.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3BD638C-9597-4C2B-8024-32F57E1B53E3", "versionEndExcluding": "4.9.300", "versionStartIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F849B5B-93E9-438A-AE05-0380EC168436", "versionEndExcluding": "4.14.265", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "87288F16-8DE4-4680-95D9-8601B47620D7", "versionEndExcluding": "4.19.228", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "581D4C61-D3FC-4DB2-85E3-EE596EEBA89E", "versionEndExcluding": "5.4.176", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "27A6621A-A196-4220-957F-334B9124E477", "versionEndExcluding": "5.10.96", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF69DD7C-FD57-4914-ABB0-FAEF87B0289D", "versionEndExcluding": "5.15.19", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AD9E77E-B27E-450C-8FD8-B64EC5FB002D", "versionEndExcluding": "5.16.5", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*", "matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port's destroy_work queue. It's not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w &\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group 'power' not found for kobject 'rport-2:0-0'\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: bnx2fc: Vaciar la cola destroy_work antes de llamar a bnx2fc_interface_put() Las funciones bnx2fc_destroy() eliminan la interfaz antes de llamar a destroy_work. Esto genera m\u00faltiples ADVERTENCIAS de sysfs_remove_group() ya que los atributos del dispositivo de informe del controlador se eliminan demasiado pronto. Reemplace la cola destroy_work de fcoe_port. No es necesario. El problema es f\u00e1cilmente reproducible con los siguientes pasos. Ejemplo: $ dmesg -w & $ systemctl enable --now fcoe $ fipvlan -s -c ens2f1 $ fcoeadm -d ens2f1.802 [ 583.464488] host2: libfc: Enlace ca\u00eddo en el puerto (7500a1) [ 583.472651] bnx2fc: 7500a1 - rport \u00a1\u00a1A\u00fan no creado!! [583.490468] ------------[ cortar aqu\u00ed ]------------ [ 583.538725] grupo sysfs 'power' no encontrado para kobject 'rport-2:0- 0' [583.568814] ADVERTENCIA: CPU: 3 PID: 192 en fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80 [583.607130] M\u00f3dulos vinculados en: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio ss_krb5 auth_rpcgss nfsv4 ... [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: cargado No contaminado 5.14.0-39.el9.x86_64 #1 [ 583.984105] Nombre de hardware: HP ProLiant DL120 G7, BIOS J01 01/07/2013 [ 584.016535] Cola de trabajo: fc_wq_2 fc_rport_final_delete [scsi_transport_fc] [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80 [ 584.074725] C\u00f3digo: ff 5b 48 89 ef 5d 41 c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ... [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282 [ 584.188225] RAX: 0000000000000000 RBX: 4220 RCX: 0000000000000000 [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0 [ 584.255089 ] RBP: 0000000000000000 R08: 00000000000000000 R09: ffffb567c15afc00 [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: 6400 [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004 [ 584.355379] FS: 0000000000000000(0000) 6cc0000(0000) knlGS :0000000000000000 [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0 [ 584.454888] Seguimiento de llamadas: [ 584.466108] dispositivo_del+0xb2/0x3e0 [ 584.481701] dispositivo_unregister+0x13/ 0x60 [ 584.501306] bsg_unregister_queue+0x5b/0x80 [ 584.522029] bsg_remove_queue+0x1c/0x40 [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc] [ 3823] proceso_one_work+0x1e3/0x3b0 [ 584.592396] hilo_trabajador+0x50/0x3b0 [ 584.609256] ? hilo_rescate+0x370/0x370 [ 584.628877] kthread+0x149/0x170 [ 584.643673] ? set_kthread_struct+0x40/0x40 [ 584.662909] ret_from_fork+0x22/0x30 [ 584.680002] ---[ final de seguimiento 53575ecefa942ece ]---"}], "id": "CVE-2022-48758", "lastModified": "2025-09-29T17:23:31.897", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-20T12:15:13.927", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/00849de10f798a9538242824a51b1756e7110754"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/262550f29c750f7876b6ed1244281e72b64ebffb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2a12fe8248a38437b95b942bbe85aced72e6e2eb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/847f9ea4c5186fdb7b84297e3eeed9e340e83fce"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ace7b6ef41251c5fe47f629a9a922382fb7b0a6b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b11e34f7bab21df36f02a5e54fb69e858c09a65d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bf2bd892a0cb14dd2d21f2c658f4b747813be311"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c93a290c862ccfa404e42d7420565730d67cbff9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/de6336b17a1376db1c0f7a528cce8783db0881c0"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()", "id": "2293381", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293381"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-404", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\nReplace the fcoe_port's destroy_work queue. It's not needed.\nThe problem is easily reproducible with the following steps.\nExample:\n$ dmesg -w &\n$ systemctl enable --now fcoe\n$ fipvlan -s -c ens2f1\n$ fcoeadm -d ens2f1.802\n[ 583.464488] host2: libfc: Link down on port (7500a1)\n[ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n[ 583.490468] ------------[ cut here ]------------\n[ 583.538725] sysfs group 'power' not found for kobject 'rport-2:0-0'\n[ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n[ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n[ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n[ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n[ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n[ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n[ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n[ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n[ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n[ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n[ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n[ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n[ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n[ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n[ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n[ 584.454888] Call Trace:\n[ 584.466108] device_del+0xb2/0x3e0\n[ 584.481701] device_unregister+0x13/0x60\n[ 584.501306] bsg_unregister_queue+0x5b/0x80\n[ 584.522029] bsg_remove_queue+0x1c/0x40\n[ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n[ 584.573823] process_one_work+0x1e3/0x3b0\n[ 584.592396] worker_thread+0x50/0x3b0\n[ 584.609256] ? rescuer_thread+0x370/0x370\n[ 584.628877] kthread+0x149/0x170\n[ 584.643673] ? set_kthread_struct+0x40/0x40\n[ 584.662909] ret_from_fork+0x22/0x30\n[ 584.680002] ---[ end trace 53575ecefa942ece ]---"], "name": "CVE-2022-48758", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48758\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48758\nhttps://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48758-1500@gregkh/T"], "threat_severity": "Low"}

{"created": "2025-07-12T22:31:36.276962+00:00", "updated": "2025-07-12T22:31:36.277018+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}