Linux Kernel SCSI LPFC I/O Memory Mapping Vulnerability

A vulnerability in the Linux kernel's SCSI LPFC driver related to improper memory mapping management has been addressed. The issue arose in the 'lpfc_sli4_pci_mem_setup' function, where certain conditions led to a NULL pointer being passed to the 'iounmap' function'. This could trigger a warning on specific architectures. Additionally, the vulnerability caused a resource leak by failing to properly unmap memory, which could also result in a NULL pointer being passed to 'iounmap'. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could lead to resource leaks by improperly managing memory mappings, potentially causing warnings on certain architectures due to NULL pointers being passed to the 'iounmap' function'.

Reproduction

The vulnerability can be reproduced by triggering the 'lpfc_sli4_pci_mem_setup' function in the SCSI LPFC driver under conditions where the 'if_type' variable is zero or six, and the 'pci_resource_start' function indicates a specific state. This will cause the function to improperly handle memory mappings, leading to the described issues.

Remediation

The vulnerability has been fixed by adding null checks before calling 'iounmap' to prevent passing NULL pointers, and by adjusting the control flow of the function to ensure proper memory management. Users can apply the latest patches available in the Linux kernel stable Git repository to address this vulnerability.