Justin Tee

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A resource leak issue has been identified in the Linux kernel, specifically in the lpfc sli4 send seq to ulp() function. When no handler is found in lpfc complete unsol iocb() to match the rctl of a received frame, the frame is dropped, resulting in a resource leak. The issue is resolved by returning resources when discarding an unhandled frame type and updating the lpfc fc frame check() handling of NOP basic link service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A hard lockup issue in the Linux kernel has been identified, specifically in the lpfc driver. The problem occurs when attempting to log a message with LOG TRACE EVENT, resulting in a system hang. The call trace indicates a deadlock situation where the same CPU tries to claim the phba->port list lock twice. The issue arises from the lpfc dmp dbg() function being called without proper checks. **Recommendations** To resolve this issue, move the cfg log verbose checks as part of the lpfc printf vlog() and lpfc printf log() macros before calling lpfc dmp dbg(). Additionally, remove the need to take the phba->port list lock within lpfc dmp dbg(). At the moment, there is no information about a newer version that contains a fix for this vulnerability.