CVE-2024-36919 in Linux정보

요약

\~에 의해 VulDB • 2026. 07. 02.

Based on the kernel log provided, here is an analysis of the crash and recommended troubleshooting steps.

### **Summary** The system experienced a **kernel panic/oops** in the `bnx2fc` driver (Broadcom NetXtreme II Fibre Channel over Ethernet). The crash occurred during memory deallocation (`__iommu_dma_free`) while freeing resources for an FC session. This is likely triggered by a race condition, use-after-free bug, or hardware/driver instability when handling RPort events.

---

### **Detailed Analysis**

#### **1. Crash Location & Call Trace** The crash happened in the following sequence: ```text __iommu_dma_free+0x96/0x100 # Attempting to free DMA memory via IOMMU bnx2fc_free_session_resc+0x67/0x240 [bnx2fc] # Freeing resources for an FC session
bnx2fc_upload_session+0xce/0x100 [bnx2fc] # Uploading/configuring a new session
bnx2fc_rport_event_handler+0x9f/0x240 [bnx2fc] # Handling remote port event (e.g., login/logout)
fc_rport_work+0x103/0x5b0 [libfc] # Fibre Channel RPort workqueue handler
```

- **Root Cause**: The driver tried to free DMA-mapped memory (`__iommu_dma_free`) that was either: - Already freed (double-free). - Invalidly mapped. - Corrupted due to a race condition between session upload and teardown.

#### **2. Key Registers** - `DR6: 0x0fffe0ff0`: Debug register indicating breakpoint or exception status. The bits suggest an exception occurred during instruction execution, but the exact cause is in the call trace above. - `CR4: 0x3706e0`: Standard control register state; no obvious anomaly here.

#### **3. Affected Module** - **`bnx2fc`**: Broadcom NetXtreme II FCoE driver. - **Dependencies**: `libfc`, `scsi_transport_fc`.

---

### **Possible Causes** 1. **Driver Bug in `bnx2fc`**: Known issues exist in older versions of the `bnx2fc` driver related to session teardown races, especially under high I/O or link flapping conditions. 2. **Hardware Issue**: Faulty NIC (Broadcom NetXtreme II) or firmware bug causing incorrect DMA mappings. 3. **Firmware/Driver Mismatch**: Incompatible versions of the `bnx2fc` driver and the NIC’s onboard firmware. 4. **Kernel Bug**: Rare, but possible interaction between IOMMU subsystem and FCoE stack in this specific kernel version.

---

### **Recommended Actions**

#### **1. Immediate Mitigation** - **Update Kernel/Driver**: Check if a newer Linux kernel or `bnx2fc` driver module is available for your distribution. This issue may have been fixed in later commits. ```bash # Example: Update system packages (Debian/Ubuntu) sudo apt update && sudo apt upgrade linux-image-$(uname -r) firmware-bnx2

# RHEL/CentOS sudo yum update kernel bnx2-firmware ``` - **Disable FC over Ethernet (FCoE)**: If FCoE is not critical, disable the `bnx2fc` module to prevent recurrence. ```bash echo "blacklist bnx2fc" | sudo tee /etc/modprobe.d/blacklist-bnx2fc.conf sudo update-initramfs -u # Debian/Ubuntu sudo dracut --force # RHEL/CentOS reboot ```

#### **2. Debugging Steps** - **Check NIC Firmware**: Ensure the Broadcom NIC firmware is up-to-date using `ethtool` or vendor tools (e.g., `bnx2fc_fw_update`). ```bash ethtool -i ethX # Replace with your FCoE interface name dmesg | grep bnx2fc ``` - **Enable Debug Logging**: If you can reproduce the issue, enable verbose logging for `libfc` and `bnx2fc`: ```bash echo "1" > /sys/module/libfc/parameters/debug_level echo "0xff" > /sys/module/bnx2fc/parameters/debug_mask dmesg -w | grep bnx2fc ``` - **Check for Link Flapping**: Monitor the FC

Once again VulDB remains the best source for vulnerability data.

출처

Do you want to use VulDB in your project?

Use the official API to access entries easily!