Linux Kernel SCSI LPFC Preemption Vulnerability

Vulnerability

A vulnerability in the Linux kernel's SCSI LPFC driver was introduced by using 'smp_processor_id()' in a preemptible context, which can lead to call trace issues during I/O operations with Connection Management Function (CMF) enabled. This problem was observed with 'systemd-udevd', where the improper use of 'smp_processor_id()' in a preemptible context caused a bug that was logged. The vulnerability has been addressed by modifying the code to use 'per_cpu_ptr()' with 'raw_smp_processor_id()', eliminating the preemption issue.

Impact

Exploitation of this vulnerability could disrupt normal I/O operations by causing improper call traces, potentially leading to more significant issues in systemd-udevd processing.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SCSI LPFC Preemption Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating