ghsa-c5v2-x8pv-3r93
Vulnerability from github
Published
2024-05-03 15:30
Modified
2024-06-03 18:53
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Fix drain SQ hang with no completion

SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion.

Fix this to generate completions on the right CQ.

[ 863.969340] INFO: task kworker/u52:2:671 blocked for more than 122 seconds. [ 863.979224] Not tainted 5.14.0-130.el9.x86_64 #1 [ 863.986588] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 863.996997] task:kworker/u52:2 state:D stack: 0 pid: 671 ppid: 2 flags:0x00004000 [ 864.007272] Workqueue: xprtiod xprt_autoclose [sunrpc] [ 864.014056] Call Trace: [ 864.017575] __schedule+0x206/0x580 [ 864.022296] schedule+0x43/0xa0 [ 864.026736] schedule_timeout+0x115/0x150 [ 864.032185] __wait_for_common+0x93/0x1d0 [ 864.037717] ? usleep_range_state+0x90/0x90 [ 864.043368] __ib_drain_sq+0xf6/0x170 [ib_core] [ 864.049371] ? __rdma_block_iter_next+0x80/0x80 [ib_core] [ 864.056240] ib_drain_sq+0x66/0x70 [ib_core] [ 864.062003] rpcrdma_xprt_disconnect+0x82/0x3b0 [rpcrdma] [ 864.069365] ? xprt_prepare_transmit+0x5d/0xc0 [sunrpc] [ 864.076386] xprt_rdma_close+0xe/0x30 [rpcrdma] [ 864.082593] xprt_autoclose+0x52/0x100 [sunrpc] [ 864.088718] process_one_work+0x1e8/0x3c0 [ 864.094170] worker_thread+0x50/0x3b0 [ 864.099109] ? rescuer_thread+0x370/0x370 [ 864.104473] kthread+0x149/0x170 [ 864.109022] ? set_kthread_struct+0x40/0x40 [ 864.114713] ret_from_fork+0x22/0x30

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-48694"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T15:15:08Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix drain SQ hang with no completion\n\nSW generated completions for outstanding WRs posted on SQ\nafter QP is in error target the wrong CQ. This causes the\nib_drain_sq to hang with no completion.\n\nFix this to generate completions on the right CQ.\n\n[  863.969340] INFO: task kworker/u52:2:671 blocked for more than 122 seconds.\n[  863.979224]       Not tainted 5.14.0-130.el9.x86_64 #1\n[  863.986588] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[  863.996997] task:kworker/u52:2   state:D stack:    0 pid:  671 ppid:     2 flags:0x00004000\n[  864.007272] Workqueue: xprtiod xprt_autoclose [sunrpc]\n[  864.014056] Call Trace:\n[  864.017575]  __schedule+0x206/0x580\n[  864.022296]  schedule+0x43/0xa0\n[  864.026736]  schedule_timeout+0x115/0x150\n[  864.032185]  __wait_for_common+0x93/0x1d0\n[  864.037717]  ? usleep_range_state+0x90/0x90\n[  864.043368]  __ib_drain_sq+0xf6/0x170 [ib_core]\n[  864.049371]  ? __rdma_block_iter_next+0x80/0x80 [ib_core]\n[  864.056240]  ib_drain_sq+0x66/0x70 [ib_core]\n[  864.062003]  rpcrdma_xprt_disconnect+0x82/0x3b0 [rpcrdma]\n[  864.069365]  ? xprt_prepare_transmit+0x5d/0xc0 [sunrpc]\n[  864.076386]  xprt_rdma_close+0xe/0x30 [rpcrdma]\n[  864.082593]  xprt_autoclose+0x52/0x100 [sunrpc]\n[  864.088718]  process_one_work+0x1e8/0x3c0\n[  864.094170]  worker_thread+0x50/0x3b0\n[  864.099109]  ? rescuer_thread+0x370/0x370\n[  864.104473]  kthread+0x149/0x170\n[  864.109022]  ? set_kthread_struct+0x40/0x40\n[  864.114713]  ret_from_fork+0x22/0x30",
  "id": "GHSA-c5v2-x8pv-3r93",
  "modified": "2024-06-03T18:53:46Z",
  "published": "2024-05-03T15:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48694"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/14d148401c5202fec3a071e24785481d540b22c3"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5becc531a3fa8da75158a8993f56cc3e0717716e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ead54ced6321099978d30d62dc49c282a6e70574"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.