CVE-2022-50744
Hard Lockup in Linux lpfc Driver Due to Spinlock Flaw

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs

During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur.

The spin_lock_bh in lpfc_rx_monitor_report is not protecting from timer interrupts as expected, so change the strength of the spin lock to _irq.

```
Kernel panic - not syncing: Hard LOCKUP
CPU: 3 PID: 110402 Comm: cat Kdump: loaded

exception RIP: native_queued_spin_lock_slowpath+91

[IRQ stack]
 native_queued_spin_lock_slowpath at ffffffffb814e30b
 _raw_spin_lock at ffffffffb89a667a
 lpfc_rx_monitor_record at ffffffffc0a73a36 [lpfc]
 lpfc_cmf_timer at ffffffffc0abbc67 [lpfc]
 __hrtimer_run_queues at ffffffffb8184250
 hrtimer_interrupt at ffffffffb8184ab0
 smp_apic_timer_interrupt at ffffffffb8a026ba
 apic_timer_interrupt at ffffffffb8a01c4f
[End of IRQ stack]

 apic_timer_interrupt at ffffffffb8a01c4f
 lpfc_rx_monitor_report at ffffffffc0a73c80 [lpfc]
 lpfc_rx_monitor_read at ffffffffc0addde1 [lpfc]
 full_proxy_read at ffffffffb83e7fc3
 vfs_read at ffffffffb833fe71
 ksys_read at ffffffffb83402af
 do_syscall_64 at ffffffffb800430b
 entry_SYSCALL_64_after_hwframe at ffffffffb8a000ad
```
Meta Information
Published: 2025-12-24
Last Modified: 2025-12-24
Generated: 2026-05-07
AI Q&A: 2025-12-25
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 3 associated CPEs

| Vendor | Product | Version / Range |
|--------|---------|-----------------|
| linux  | kernel  | *               |
| emule  | lpfc    | *               |
| emulex | lpfc    | *               |
CWE ID Description
CWE-UNKNOWN
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by monitoring for hard lockups or kernel panics occurring when reading the file /sys/kernel/debug/lpfc/fnX/rx_monitor. Specifically, running the command `cat /sys/kernel/debug/lpfc/fnX/rx_monitor` may trigger the issue if the system is vulnerable. Observing kernel logs for messages related to hard lockups, spin_lock failures, or stack traces involving lpfc_rx_monitor functions can also help detect the problem.
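
For triage of an existing crash record, the check below is an added example (not part of the advisory or the kernel patch) that tests whether a saved panic trace has the shape described above: the lpfc timer path spinning in the IRQ stack while the interrupted task was inside the debugfs read. It assumes one frame per line in the `name at address` layout of the trace in the description; the function names `split_stacks` and `matches_cve_2022_50744` are hypothetical.

```python
import re

# Constructed sample: an abbreviated copy of the advisory's call trace,
# laid out one frame per line (assumed layout of the saved crash log).
SAMPLE_LOG = """\
Kernel panic - not syncing: Hard LOCKUP
CPU: 3 PID: 110402 Comm: cat Kdump: loaded
exception RIP: native_queued_spin_lock_slowpath+91
[IRQ stack]
 native_queued_spin_lock_slowpath at ffffffffb814e30b
 _raw_spin_lock at ffffffffb89a667a
 lpfc_rx_monitor_record at ffffffffc0a73a36 [lpfc]
 lpfc_cmf_timer at ffffffffc0abbc67 [lpfc]
 __hrtimer_run_queues at ffffffffb8184250
 hrtimer_interrupt at ffffffffb8184ab0
[End of IRQ stack]
 apic_timer_interrupt at ffffffffb8a01c4f
 lpfc_rx_monitor_report at ffffffffc0a73c80 [lpfc]
 lpfc_rx_monitor_read at ffffffffc0addde1 [lpfc]
 vfs_read at ffffffffb833fe71
"""

FRAME = re.compile(r"^\s*([A-Za-z_][\w.]*) at [0-9a-f]{8,16}\b")

def split_stacks(text):
    """Return (irq_frames, task_frames) for the first Hard LOCKUP panic, or None."""
    lines = text.splitlines()
    start = next((i for i, l in enumerate(lines) if "Hard LOCKUP" in l), None)
    if start is None:
        return None
    irq, task, in_irq = [], [], False
    for line in lines[start + 1:]:
        if "[End of IRQ stack]" in line:
            in_irq = False
        elif "[IRQ stack]" in line:
            in_irq = True
        elif (m := FRAME.match(line)):
            (irq if in_irq else task).append(m.group(1))
    return irq, task

def matches_cve_2022_50744(text):
    """True when the timer path spins on the lock while the debugfs read holds it."""
    stacks = split_stacks(text)
    if stacks is None:
        return False
    irq, task = stacks
    timer_spinning = "lpfc_rx_monitor_record" in irq and "lpfc_cmf_timer" in irq
    reader_interrupted = "lpfc_rx_monitor_report" in task
    return timer_spinning and reader_interrupted
```

A lockup trace that shows only one of the two sides (for example the timer path without the debugfs reader underneath it) does not match and needs separate analysis.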


Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's lpfc driver, where reading the rx_monitor file from debugfs during I/O operations can cause a hard lockup (kernel panic). The issue is due to the spin_lock_bh in lpfc_rx_monitor_report not properly protecting against timer interrupts, leading to a deadlock situation. The fix involves changing the spin lock to a stronger _irq variant to prevent this hard lockup.


How can this vulnerability impact me?

This vulnerability can cause a hard lockup or kernel panic on the affected system when the rx_monitor debugfs file is read simultaneously with I/O operations. This results in the system becoming unresponsive, potentially causing downtime and loss of availability.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding reading the /sys/kernel/debug/lpfc/fnX/rx_monitor file during I/O operations to prevent triggering the hard lockup. Applying the kernel patch that changes the spin lock from spin_lock_bh to spin_lock_irq in the lpfc_rx_monitor_report function will fix the issue. If a patch is not yet available, consider disabling or limiting access to the debugfs lpfc rx_monitor interface until the fix can be applied.

