Linux Kernel SCSI FCoE Transport Detachment Vulnerability

A vulnerability exists in the Linux kernel's SCSI FCoE (Fibre Channel over Ethernet) implementation, specifically within the FCoE transport management. When the function 'fcoe_if_init()' fails, the corresponding transport is not properly detached, leaving a freed transport reference in the list of active transports. This oversight can lead to a kernel panic when the FCoE module is reinserted, as the system attempts to access a now-invalid memory reference. The issue arises in the FCoE transport provider driver, which was introduced in a prior commit.

Impact

The vulnerability can cause a kernel panic, disrupting system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by loading the FCoE module and then forcing a failure in the 'fcoe_if_init()' function. This can be done by simulating a condition that causes the initialization to fail, such as a misconfiguration or resource limitation. After the failure, the FCoE module can be unloaded and then reloaded, which will trigger the panic due to the improper transport detachment.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. Instructions for downloading the patched version can be found in the Linux kernel documentation.