Linux Kernel SCSI QLA2XXX Driver Scheduling While Atomic Vulnerability

Vulnerability

A vulnerability in the Linux kernel's SCSI QLA2XXX driver can lead to a crash by improperly scheduling a call into the midlayer while in interrupt context. This issue arises when the driver attempts to delete a remote port, a process that can cause the thread to sleep, conflicting with the interrupt context and triggering a scheduling error. The vulnerability has been addressed by ensuring that the call is made in a non-interrupt context, where it is safer.

Impact

Exploitation of this vulnerability causes a kernel crash due to a scheduling error while atomic, disrupting normal operations and potentially leading to a denial of service.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SCSI QLA2XXX Driver Scheduling While Atomic Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating