CVE-2024-26917

scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" This reverts commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, since it changed sping locks from "bh" to "irqsave". Instead, a work queue should be used, and will be addressed in a separate commit.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/94a600226b6d0ef065ee84024b450b566c5a87d6 patch
https://git.kernel.org/stable/c/2209fc6e3d7727d787dc6ef9baa1e9eae6b1295b patch
https://git.kernel.org/stable/c/7d4e19f7ff644c5b79e8271df8ac2e549b436a5b patch
https://git.kernel.org/stable/c/5b8f473c4de95c056c1c767b1ad48c191544f6a5 patch
https://git.kernel.org/stable/c/6bb22ac1d11d7d20f91e7fd2e657a9e5f6db65e0 patch
https://git.kernel.org/stable/c/2996c7e97ea7cf4c1838a1b1dbc0885934113783 patch
https://git.kernel.org/stable/c/25675159040bffc7992d5163f3f33ba7d0142f21 patch
https://git.kernel.org/stable/c/977fe773dcc7098d8eaf4ee6382cb51e13e784cb patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-26917?
CVE-2024-26917 has been scored as a medium severity vulnerability.
How to fix CVE-2024-26917?
To fix CVE-2024-26917, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26917 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-26917 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26917?
CVE-2024-26917 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.