Updated: 2026-02-27 03:22:01.215796
Description:
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash with such logs: Did not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d000125,iqn.2017-01.com.iscsi.target,t,0x3d BUG: Kernel NULL pointer dereference on read at 0x00000000 NIP strlcpy+0x8/0xb0 LR iscsit_fill_cxn_timeout_err_stats+0x5c/0xc0 [iscsi_target_mod] Call Trace: iscsit_handle_nopin_response_timeout+0xfc/0x120 [iscsi_target_mod] call_timer_fn+0x58/0x1f0 run_timer_softirq+0x740/0x860 __do_softirq+0x16c/0x420 irq_exit+0x188/0x1c0 timer_interrupt+0x184/0x410 That is because nopin response timer may be re-started on nopin timer expiration. Stop nopin timer before stopping the nopin response timer to be sure that no one of them will be re-started.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 5.5 | MEDIUM | Ignored | 2026-01-17 01:19:05 | This issue is confined to hosts actively configured as an iSCSI target using the LIO kernel module (... | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 5.5 | MEDIUM | Ignored | 2026-01-17 01:15:02 | This issue is confined to hosts actively configured as an iSCSI target using the LIO kernel module (... | |
| Ubuntu 18.04 ELS | linux | 4.15.0 | 5.5 | MEDIUM | Ignored | 2026-01-17 01:15:04 | This issue is confined to hosts actively configured as an iSCSI target using the LIO kernel module (... | |
| Ubuntu 20.04 ELS | linux | 5.4.0 | 5.5 | MEDIUM | Ignored | 2026-01-17 01:15:03 | This issue is confined to hosts actively configured as an iSCSI target using the LIO kernel module (... |