{"id":"CVE-2023-53245","summary":"scsi: storvsc: Fix handling of virtual Fibre Channel timeouts","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Fix handling of virtual Fibre Channel timeouts\n\nHyper-V provides the ability to connect Fibre Channel LUNs to the host\nsystem and present them in a guest VM as a SCSI device. I/O to the vFC\ndevice is handled by the storvsc driver. The storvsc driver includes a\npartial integration with the FC transport implemented in the generic\nportion of the Linux SCSI subsystem so that FC attributes can be displayed\nin /sys.  However, the partial integration means that some aspects of vFC\ndon't work properly. Unfortunately, a full and correct integration isn't\npractical because of limitations in what Hyper-V provides to the guest.\n\nIn particular, in the context of Hyper-V storvsc, the FC transport timeout\nfunction fc_eh_timed_out() causes a kernel panic because it can't find the\nrport and dereferences a NULL pointer. The original patch that added the\ncall from storvsc_eh_timed_out() to fc_eh_timed_out() is faulty in this\nregard.\n\nIn many cases a timeout is due to a transient condition, so the situation\ncan be improved by just continuing to wait like with other I/O requests\nissued by storvsc, and avoiding the guaranteed panic. For a permanent\nfailure, continuing to wait may result in a hung thread instead of a panic,\nwhich again may be better.\n\nSo fix the panic by removing the storvsc call to fc_eh_timed_out().  This\nallows storvsc to keep waiting for a response.  The change has been tested\nby users who experienced a panic in fc_eh_timed_out() due to transient\ntimeouts, and it solves their problem.\n\nIn the future we may want to deprecate the vFC functionality in storvsc\nsince it can't be fully fixed. But it has current users for whom it is\nworking well enough, so it should probably stay for a while longer.","modified":"2026-04-02T09:43:52.058666Z","published":"2025-09-15T14:46:14.280Z","related":["SUSE-SU-2025:03600-1","SUSE-SU-2025:03614-1","SUSE-SU-2025:03615-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20851-1","SUSE-SU-2025:20861-1","SUSE-SU-2025:20870-1","SUSE-SU-2025:20898-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3751-1","SUSE-SU-2025:3761-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4141-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53245.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/048ebc9a28fb918ee635dd4b2fcf4248eb6e4050"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1678408d08f31a694d5150a56796dd04c9710b22"},{"type":"WEB","url":"https://git.kernel.org/stable/c/175544ad48cbf56affeef2a679c6a4d4fb1e2881"},{"type":"WEB","url":"https://git.kernel.org/stable/c/311db605e07f0d4fc0cc7ddb74f1e5692ea2f469"},{"type":"WEB","url":"https://git.kernel.org/stable/c/763c06565055ae373fe7f89c11e1447bd1ded264"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cd87f4df9865a53807001ed12c0f0420b14ececd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ed70fa5629a8b992a5372d7044d1db1f8fa6de29"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53245.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53245"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3930d7309807ba0bfa460dfa9ed68d5560347dd2"},{"fixed":"cd87f4df9865a53807001ed12c0f0420b14ececd"},{"fixed":"311db605e07f0d4fc0cc7ddb74f1e5692ea2f469"},{"fixed":"048ebc9a28fb918ee635dd4b2fcf4248eb6e4050"},{"fixed":"1678408d08f31a694d5150a56796dd04c9710b22"},{"fixed":"7a792b3d888aab2c65389f9f4f9f2f6c000b1a0d"},{"fixed":"ed70fa5629a8b992a5372d7044d1db1f8fa6de29"},{"fixed":"763c06565055ae373fe7f89c11e1447bd1ded264"},{"fixed":"175544ad48cbf56affeef2a679c6a4d4fb1e2881"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53245.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}