CVE-2022-49537

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49537
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49537.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49537
Downstream
Related
Published
2025-02-26T02:13:54.542Z
Modified
2025-11-19T15:51:41.691613Z
Summary
scsi: lpfc: Fix call trace observed during I/O with CMF enabled
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix call trace observed during I/O with CMF enabled

The following was seen with CMF enabled:

BUG: using smpprocessorid() in preemptible code: systemd-udevd/31711 kernel: caller is lpfcupdatecmfcmd+0x214/0x420 [lpfc] kernel: CPU: 12 PID: 31711 Comm: systemd-udevd kernel: Call Trace: kernel: <TASK> kernel: dumpstacklvl+0x44/0x57 kernel: checkpreemptiondisabled+0xbf/0xe0 kernel: lpfcupdatecmfcmd+0x214/0x420 [lpfc] kernel: lpfcnvmefcpiosubmit+0x23b4/0x4df0 [lpfc]

thiscpuptr() calls smpprocessorid() in a preemptible context.

Fix by using percpuptr() with rawsmpprocessor_id() instead.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
02243836ad6f384284f10302e6b820b893960d1c
Fixed
ae373d66c427812754db5292eb1481b181daf9ce
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
02243836ad6f384284f10302e6b820b893960d1c
Fixed
cd7f899de4b1b829125d72ee6fbfd878b637b815
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
02243836ad6f384284f10302e6b820b893960d1c
Fixed
517e0835cfb2007713ff16c4fb8479f08b16aec7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
02243836ad6f384284f10302e6b820b893960d1c
Fixed
d6d45f67a11136cb88a70a29ab22ea6db8ae6bd5

Affected versions

v5.*

v5.14
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.10
v5.17.11
v5.17.12
v5.17.13
v5.17.2
v5.17.3
v5.17.4
v5.17.5
v5.17.6
v5.17.7
v5.17.8
v5.17.9
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.2

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "target": {
            "file": "drivers/scsi/lpfc/lpfc_scsi.c",
            "function": "lpfc_update_cmf_cmd"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d6d45f67a11136cb88a70a29ab22ea6db8ae6bd5",
        "digest": {
            "length": 737.0,
            "function_hash": "263999513435577542527505645989002835149"
        },
        "id": "CVE-2022-49537-0f8b06d6"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "target": {
            "file": "drivers/scsi/lpfc/lpfc_scsi.c"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d6d45f67a11136cb88a70a29ab22ea6db8ae6bd5",
        "digest": {
            "line_hashes": [
                "219656927204132184599454274530046761134",
                "38321439074163431192172122879907760807",
                "86349320209626101125567671880854743199",
                "102878966772767951901419285007242397993",
                "217811690778488974376773720849076344106",
                "20959903151311402959322806723557342739",
                "176859291608841856155475577005498959371",
                "94308223431483111773366469405563889023"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2022-49537-52fb43ae"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "target": {
            "file": "drivers/scsi/lpfc/lpfc_scsi.c",
            "function": "lpfc_update_cmf_cmpl"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d6d45f67a11136cb88a70a29ab22ea6db8ae6bd5",
        "digest": {
            "length": 380.0,
            "function_hash": "92664278304404604782288612818254265717"
        },
        "id": "CVE-2022-49537-f2398e5f"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.46
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.17.14
Type
ECOSYSTEM
Events
Introduced
5.18.0
Fixed
5.18.3