CVE-2022-49155
📋 TL;DR
This CVE involves a kernel bug in the QLogic Fibre Channel driver (qla2xxx) where smp_processor_id() is called in preemptible context during qla_create_qpair(). This can cause kernel complaints and potential system instability. Affected systems are those running Linux kernels with the vulnerable qla2xxx driver.
💻 Affected Systems
- Linux kernel with qla2xxx driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic or system crash leading to denial of service, potentially disrupting storage operations and causing data unavailability.
Likely Case
Kernel warning messages in system logs and potential minor performance degradation during driver initialization.
If Mitigated
No impact if patched; otherwise, occasional kernel warnings during storage adapter initialization.
🎯 Exploit Status
This appears to be a kernel bug rather than a security vulnerability; exploitation would require local access and specific conditions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits: 1ab81d82fb1db7ec4be4b0d04563513e6d4bcdd5, 43195a0c620761fbb88db04e2475313855b948a4, 8077a7162bc3cf658dd9ff112bc77716c08458c5, 9c33d49ab9f3d8bd7512b3070cd2f07c4a8849d5, a60447e7d451df42c7bde43af53b34f10f34f469
Vendor Advisory: https://git.kernel.org/stable/c/1ab81d82fb1db7ec4be4b0d04563513e6d4bcdd5
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. Reboot system to load new kernel. 3. Verify qla2xxx driver loads without errors.
🔧 Temporary Workarounds
Disable qla2xxx driver
linuxBlacklist or disable the qla2xxx driver if QLogic HBAs are not required
echo 'blacklist qla2xxx' >> /etc/modprobe.d/blacklist.conf
rmmod qla2xxx
🧯 If You Can't Patch
- Monitor system logs for kernel warnings related to qla2xxx
- Ensure proper backups of data accessible through affected storage adapters
🔍 How to Verify
Check if Vulnerable:
Check kernel version and look for 'BUG: using smp_processor_id() in preemptible' messages in dmesg or /var/log/messagesCheck Version:
uname -rVerify Fix Applied:
Check that kernel version includes the fix commits and that no qla2xxx-related kernel warnings appear during boot📡 Detection & Monitoring
Log Indicators:
- BUG: using smp_processor_id() in preemptible
- qla2xxx_create_qpair+0x32a/0x5d0 in kernel stack traces
- systemd-udevd processes triggering kernel warnings
Network Indicators:
- None - this is a local kernel issue
SIEM Query:
source="kernel" AND "smp_processor_id() in preemptible" AND "qla2xxx"🔗 References
- https://git.kernel.org/stable/c/1ab81d82fb1db7ec4be4b0d04563513e6d4bcdd5
- https://git.kernel.org/stable/c/43195a0c620761fbb88db04e2475313855b948a4
- https://git.kernel.org/stable/c/8077a7162bc3cf658dd9ff112bc77716c08458c5
- https://git.kernel.org/stable/c/9c33d49ab9f3d8bd7512b3070cd2f07c4a8849d5
- https://git.kernel.org/stable/c/a60447e7d451df42c7bde43af53b34f10f34f469
- https://git.kernel.org/stable/c/a669a22aef0ceff706b885370af74b5a60a8ac85
- https://git.kernel.org/stable/c/f68776f28d9134fa65056e7e63bfc734049730b7
- https://git.kernel.org/stable/c/f97316dd393bc8df1cc2af6295a97b876eecf252
