{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49537", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T02:08:31.589Z", "datePublished": "2025-02-26T02:13:54.542Z", "dateUpdated": "2025-05-04T08:40:04.192Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:40:04.192Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix call trace observed during I/O with CMF enabled\n\nThe following was seen with CMF enabled:\n\nBUG: using smp_processor_id() in preemptible\ncode: systemd-udevd/31711\nkernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: CPU: 12 PID: 31711 Comm: systemd-udevd\nkernel: Call Trace:\nkernel: <TASK>\nkernel: dump_stack_lvl+0x44/0x57\nkernel: check_preemption_disabled+0xbf/0xe0\nkernel: lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: lpfc_nvme_fcp_io_submit+0x23b4/0x4df0 [lpfc]\n\nthis_cpu_ptr() calls smp_processor_id() in a preemptible context.\n\nFix by using per_cpu_ptr() with raw_smp_processor_id() instead."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/lpfc/lpfc_scsi.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ae373d66c427812754db5292eb1481b181daf9ce", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "cd7f899de4b1b829125d72ee6fbfd878b637b815", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "517e0835cfb2007713ff16c4fb8479f08b16aec7", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "d6d45f67a11136cb88a70a29ab22ea6db8ae6bd5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/lpfc/lpfc_scsi.c"], "versions": [{"version": "5.15.46", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17.14", "lessThanOrEqual": "5.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.18.3", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.46"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.17.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.18.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/ae373d66c427812754db5292eb1481b181daf9ce"}, {"url": "https://git.kernel.org/stable/c/cd7f899de4b1b829125d72ee6fbfd878b637b815"}, {"url": "https://git.kernel.org/stable/c/517e0835cfb2007713ff16c4fb8479f08b16aec7"}, {"url": "https://git.kernel.org/stable/c/d6d45f67a11136cb88a70a29ab22ea6db8ae6bd5"}], "title": "scsi: lpfc: Fix call trace observed during I/O with CMF enabled", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "40E62665-0BA6-440F-83E8-6F8EC2D3C9DF", "versionEndExcluding": "5.15.46", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252", "versionEndExcluding": "5.17.14", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2", "versionEndExcluding": "5.18.3", "versionStartIncluding": "5.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix call trace observed during I/O with CMF enabled\n\nThe following was seen with CMF enabled:\n\nBUG: using smp_processor_id() in preemptible\ncode: systemd-udevd/31711\nkernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: CPU: 12 PID: 31711 Comm: systemd-udevd\nkernel: Call Trace:\nkernel: <TASK>\nkernel: dump_stack_lvl+0x44/0x57\nkernel: check_preemption_disabled+0xbf/0xe0\nkernel: lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: lpfc_nvme_fcp_io_submit+0x23b4/0x4df0 [lpfc]\n\nthis_cpu_ptr() calls smp_processor_id() in a preemptible context.\n\nFix by using per_cpu_ptr() with raw_smp_processor_id() instead."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: lpfc: Se ha corregido el seguimiento de llamadas observado durante la E/S con CMF habilitado Se observ\u00f3 lo siguiente con CMF habilitado: ERROR: using smp_processor_id() in preemptible code: systemd-udevd/31711 kernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc] kernel: CPU: 12 PID: 31711 Comm: systemd-udevd kernel: Call Trace: kernel: kernel: dump_stack_lvl+0x44/0x57 kernel: check_preemption_disabled+0xbf/0xe0 kernel: lpfc_update_cmf_cmd+0x214/0x420 [lpfc] kernel: lpfc_nvme_fcp_io_submit+0x23b4/0x4df0 [lpfc] this_cpu_ptr() calls smp_processor_id() in a preemptible context. Fix by using per_cpu_ptr() with raw_smp_processor_id() instead. "}], "id": "CVE-2022-49537", "lastModified": "2025-10-21T12:05:07.657", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-02-26T07:01:29.667", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/517e0835cfb2007713ff16c4fb8479f08b16aec7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ae373d66c427812754db5292eb1481b181daf9ce"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cd7f899de4b1b829125d72ee6fbfd878b637b815"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d6d45f67a11136cb88a70a29ab22ea6db8ae6bd5"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2022:7683", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-425.3.1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:8267", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.6.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}], "bugzilla": {"description": "kernel: scsi: lpfc: Fix call trace observed during I/O with CMF enabled", "id": "2348079", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348079"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-362", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nscsi: lpfc: Fix call trace observed during I/O with CMF enabled\nThe following was seen with CMF enabled:\nBUG: using smp_processor_id() in preemptible\ncode: systemd-udevd/31711\nkernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: CPU: 12 PID: 31711 Comm: systemd-udevd\nkernel: Call Trace:\nkernel: <TASK>\nkernel: dump_stack_lvl+0x44/0x57\nkernel: check_preemption_disabled+0xbf/0xe0\nkernel: lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: lpfc_nvme_fcp_io_submit+0x23b4/0x4df0 [lpfc]\nthis_cpu_ptr() calls smp_processor_id() in a preemptible context.\nFix by using per_cpu_ptr() with raw_smp_processor_id() instead.", "A vulnerability has been identified in the lpfc module within the Linux kernel. This flaw occurs because the driver attempts to access per-CPU data from a preemptible context using an incorrect function. This improper handling of critical data can lead to system instability and result in a denial-of-service condition."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2022-49537", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49537\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49537\nhttps://lore.kernel.org/linux-cve-announce/2025022613-CVE-2022-49537-abf2@gregkh/T"], "statement": "This issue has been fixed in Red Hat Enterprise Linux 8.7 and 9.1 via RHSA-2022:7683 [1] and RHSA-2022:8267 [2], respectively.\n[1]. https://access.redhat.com/errata/RHSA-2022:7683\n[2]. https://access.redhat.com/errata/RHSA-2022:8267", "threat_severity": "Moderate"}

{}