SB2024062497 - Resource management error in Linux kernel scsi bnx2fc driver
Published: June 24, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024062497
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2022-48715)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bnx2fc_l2_rcv_thread() and bnx2fc_recv_frame() functions in drivers/scsi/bnx2fc/bnx2fc_fcoe.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3a345198a7c2d1db2526dc60b77052f75de019d3
- https://git.kernel.org/stable/c/471085571f926a1fe6b1bed095638994dbf23990
- https://git.kernel.org/stable/c/003bcee66a8f0e76157eb3af369c173151901d97
- https://git.kernel.org/stable/c/53e4f71763c61a557283eb43301efd671922d1e8
- https://git.kernel.org/stable/c/ec4334152dae175dbd8fd5bde1d2139bbe7b42d0
- https://git.kernel.org/stable/c/2f5a1ac68bdf2899ce822ab845081922ea8c588e
- https://git.kernel.org/stable/c/2d24336c7214b281b51860e54783dfc65f1248df
- https://git.kernel.org/stable/c/936bd03405fc83ba039d42bc93ffd4b88418f1d3
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.265
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.300
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.22
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.178