Linux Kernel lpfc Hard Lockup Vulnerability

Vulnerability

A vulnerability in the Linux kernel's lpfc SCSI driver can lead to a system hang, known as a hard lockup. This issue occurs when the driver attempts to log a message with the LOG_TRACE_EVENT, causing the system to freeze. The problem arises because the same CPU tries to acquire a lock twice, leading to a kernel panic. The vulnerability has been addressed by moving the cfg_log_verbose checks before the logging function that causes the lock contention.

Impact

Exploitation of this vulnerability causes a hard lockup, where the system becomes unresponsive due to a kernel panic triggered by a lock contention issue in the lpfc driver.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel lpfc Hard Lockup Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating