PT-2025-8475 · Linux+3 · Linux Kernel+3

James Smart

Published

2022-01-01

Updated

2026-03-14

CVE-2022-49542

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A hard lockup issue in the Linux kernel has been identified, specifically in the lpfc driver. The problem occurs when attempting to log a message with LOG TRACE EVENT, resulting in a system hang. The call trace indicates a deadlock situation where the same CPU tries to claim the phba->port list lock twice. The issue arises from the lpfc dmp dbg() function being called without proper checks.

Recommendations To resolve this issue, move the cfg log verbose checks as part of the lpfc printf vlog() and lpfc printf log() macros before calling lpfc dmp dbg(). Additionally, remove the need to take the phba->port list lock within lpfc dmp dbg().

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

BDU:2026-02621

CVE-2022-49542

OPENSUSE-SU-2025_1263-1

SUSE-SU-2025:01600-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_01600-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Debian

Linux Kernel

Suse

PT-2025-8475 · Linux+3 · Linux Kernel+3

CVE-2022-49542

Weakness Enumeration

Related Identifiers

Affected Products

References · 1473