Unrated severityNVD Advisory· Published Jul 9, 2025· Updated Jul 28, 2025
scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out
CVE-2025-38238
Description
In the Linux kernel, the following vulnerability has been resolved:
scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out
When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. On send completion, this causes an attempt to free the same frame twice that leads to a crash.
Fix crash by allocating separate frames for RHBA and RPA, and modify ABTS logic accordingly.
Tested by checking MDS for FDMI information.
Tested by using instrumented driver to:
- Drop PLOGI response
- Drop RHBA response
- Drop RPA response
- Drop RHBA and RPA response
- Drop PLOGI response + ABTS response
- Drop RHBA response + ABTS response
- Drop RPA response + ABTS response
- Drop RHBA and RPA response + ABTS response for both of them
Affected products
23- osv-coords21 versionspkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
< 6.4.0-150700.53.11.1+ 20 more
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.20.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1.150700.17.9.4
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.53.11.3
- (no CPE)range: < 1-150700.1.5.1
- (no CPE)range: < 1-150700.15.3.4
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.7.13.1
- (no CPE)range: < 6.4.0-150700.20.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.7.13.1
- (no CPE)range: < 6.4.0-150700.20.11.1
- (no CPE)range: < 6.4.0-150700.53.11.1
- (no CPE)range: < 6.4.0-150700.7.13.1
- (no CPE)range: < 6.4.0-150700.53.11.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.