CVE-2022-50744Improper Resource Locking in Linux

CWE-413Improper Resource Locking7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O and simultaneous cat of /sys/kernel/debug/lpfc/fnX/rx_monitor, a hard lockup similar to the call trace below may occur. The spin_lock_bh in lpfc_rx_monitor_report is not protecting from timer interrupts as expected, so change the strength of the spin lock to _irq. Kernel panic - not syncing: Hard LOCKUP CPU: 3 PID: 110402 Comm: cat Kdump: loaded

Affected Packages4 packages

Linuxlinux/linux_kernel5.16.06.0.16+2
Debianlinux/linux_kernel< 6.1.4-1+2
CVEListV5linux/linux21d65b35169112af9b6f873c8eeab972e60107c22cf66428a2545bb33beb9624124a2377468bb478+5
debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-jwx3-cmq4-vhrg: In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O2025-12-24
OSV
CVE-2022-50744: In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs During I/O an2025-12-24
OSV
scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Hard lockup in lpfc driver leads to Denial of Service2025-12-24
Debian
CVE-2022-50744: linux - In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc:...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50744 Impact, Exploitability, and Mitigation Steps | Wiz