System freezes with pointer to crypto_aead_setkey function after mounting CIFS 3.0/3.0.2 shares
This document (000021690) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Linux Enterprise Server 15 Service Pack 6
SUSE Linux Enterprise Server 12 Service Pack 5
Situation
While mounting a CIFS share using SMB protocol version 3.0 or 3.0.2, the system freezes and becomes unresponsive.
The dmesg.txt file, which is stored alongside the vmcore file in /var/crash/date-and-time/, shows messages similar to:
[ 91.276577] CIFS: Attempting to mount //servername/sharename/sharename
[ 91.312714] CIFS VFS: BAD_NETWORK_NAME: \\servername\sharename
[ 91.320935] CIFS VFS: BAD_NETWORK_NAME: \\servername\sharename
[ 91.378602] BUG: unable to handle kernel NULL pointer dereference at 0000000000000040
[ 91.388958] IP: crypto_aead_setkey+0x1c/0xc0
Resolution
If this issue is encountered, please open a service request to retrieve a Program Temporary Fix (PTF) until a maintenance update addressing this issue can be supplied.
Cause
Please see the SUSE CVE-2024-53185 announcement for details.
Additional Information
Complete kernel backtrace from an affected SUSE Linux Enterprise 12 Service Pack 5 system with the Long Term Service Pack Support extension:
[ 91.320935] CIFS VFS: BAD_NETWORK_NAME: \\servername\sharename
[ 91.378602] BUG: unable to handle kernel NULL pointer dereference at 0000000000000040
[ 91.388958] IP: crypto_aead_setkey+0x1c/0xc0
[ 91.394732] PGD 0 P4D 0
[ 91.398639] Oops: 0000 [#1] SMP PTI
[ 91.403188] CPU: 2 PID: 9078 Comm: mount.cifs Tainted: P OE 4.12.14-122.234-default #1 SLE12-SP5
[ 91.414981] Hardware name: Cisco Systems Inc [...]
[ 91.427072] task: ffff88d8bd030e80 task.stack: ffffac948e7fc000
[ 91.434211] RIP: 0010:crypto_aead_setkey+0x1c/0xc0
[ 91.440090] RSP: 0018:ffffac948e7ff6e8 EFLAGS: 00010296
[ 91.446458] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[ 91.454962] RDX: 0000000000000010 RSI: ffffac948e7ff798 RDI: 0000000000000000
[ 91.463466] RBP: ffffac948e7ff7d8 R08: 0000000000000000 R09: ffffac948e7ff778
[ 91.471976] R10: 000000007558d6b5 R11: 00000000df5d501d R12: ffffac948e7ff798
[ 91.480476] R13: 0000000000000010 R14: 0000000000000002 R15: ffff888cedc30540
[ 91.488979] FS: 00007ff783464740(0000) GS:ffff88dabfc80000(0000) knlGS:0000000000000000
[ 91.498554] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 91.505508] CR2: 0000000000000040 CR3: 00000032f50c4004 CR4: 00000000007606e0
[ 91.514017] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 91.522663] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 91.531153] PKRU: 55555554
[ 91.531153] Call Trace:
[ 91.531193] crypt_message+0xfa/0x860 [cifs]
[ 91.531199] ? _crng_backtrack_protect+0x31/0x70
[ 91.552105] ? smb3_init_transform_rq+0x252/0x340 [cifs]
[ 91.559584] ? memzero_explicit+0xe/0x20
[ 91.565548] smb3_init_transform_rq+0x280/0x340 [cifs]
[ 91.571774] smb_send_rqst.part.10+0x8e/0xe0 [cifs]
[ 91.577701] compound_send_recv+0x2c5/0x9c0 [cifs]
[ 91.583520] cifs_send_recv+0x22/0x30 [cifs]
[ 91.588742] SMB2_tcon+0x1ad/0x6b0 [cifs]
[ 91.593681] ? vscnprintf+0x9/0x30
[ 91.597930] cifs_get_smb_ses+0x816/0xd20 [cifs]
[ 91.603532] cifs_mount_get_session+0xa6/0x9d0 [cifs]
[ 91.609607] mount_get_dfs_conns+0x17/0xb0 [cifs]
[ 91.615281] connect_dfs_target+0x18c/0x370 [cifs]
[ 91.621056] cifs_mount+0x7d8/0x9c0 [cifs]
[ 91.626056] cifs_smb3_do_mount+0x17f/0x660 [cifs]
[ 91.631826] ? alloc_pages_current+0x74/0xf0
[ 91.637010] mount_fs+0x3a/0x160
[ 91.641028] vfs_kern_mount+0x62/0x110
[ 91.645624] do_mount+0x1ab/0xc20
[ 91.649735] ? kmem_cache_alloc_trace+0xe6/0x1c0
[ 91.655300] SyS_mount+0x7e/0xd0
[ 91.659312] do_syscall_64+0x74/0x160
[ 91.663812] entry_SYSCALL_64_after_hwframe+0x7d/0xe7
[ 91.669856] RIP: 0033:0x7ff78355797a
[ 91.674244] RSP: 002b:00007ffedad718b8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 91.683110] RAX: ffffffffffffffda RBX: 00007ff78381a000 RCX: 00007ff78355797a
[ 91.691489] RDX: 000055ef244c9e9e RSI: 000055ef244c9ee5 RDI: 00007ffedad71f17
[ 91.699877] RBP: 00007ff78381c91e R08: 000055ef247360e0 R09: 0000000000210000
[ 91.708252] R10: 0000000000000000 R11: 0000000000000206 R12: 000055ef247360e0
[ 91.716631] R13: 0000000000000003 R14: 00007ff78381c70e R15: 000055ef247350d0
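The following added example is not part of the original SUSE document and is not SUSE code. It checks each dmesg.txt under /var/crash for the signature shown above: a NULL pointer dereference faulting in crypto_aead_setkey with a crypt_message frame from the cifs module in the call trace. The function names and the script name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not SUSE code): find saved kdump logs showing this oops.

# match_cifs_aead_oops FILE: exit 0 and print the faulting process name when
# FILE holds a NULL pointer dereference with the faulting IP in
# crypto_aead_setkey and a reliable crypt_message [cifs] frame in the trace.
match_cifs_aead_oops() {
    awk '
        # A new oops starts: reset the per-oops state.
        /BUG: unable to handle kernel NULL pointer dereference/ {
            oops = 1; ip = 0; trace = 0; comm = "unknown"; next
        }
        # Faulting instruction pointer, printed as "IP:" or "RIP: 0010:".
        oops && /IP: (0010:)?crypto_aead_setkey[+]/ { ip = 1 }
        oops && /Comm: / {
            for (i = 1; i < NF; i++) if ($i == "Comm:") comm = $(i + 1)
        }
        oops && /Call Trace:/ { trace = 1; next }
        # Frames marked "?" are stale stack contents, so they do not count.
        oops && ip && trace && /crypt_message[+].*\[cifs\]/ && !/[?] / {
            print comm; found = 1; exit
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# scan_crash_dir [DIR]: check every DIR/<date-and-time>/dmesg.txt (default
# /var/crash), print "path process" per match, exit 0 if any file matched.
scan_crash_dir() {
    hits=0
    for f in "${1:-/var/crash}"/*/dmesg.txt; do
        [ -f "$f" ] || continue
        if comm=$(match_cifs_aead_oops "$f"); then
            echo "$f $comm"
            hits=$((hits + 1))
        fi
    done
    [ "$hits" -gt 0 ]
}

# Usage: sh find_cifs_oops.sh /var/crash   (the script name is an assumption)
if [ "$#" -gt 0 ]; then scan_crash_dir "$1"; fi
```

A match only identifies the crash signature; whether the installed kernel already carries the fix still has to be confirmed against the SUSE CVE-2024-53185 announcement.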
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID: 000021690
- Creation Date: 04-Feb-2025
- Modified Date: 04-Feb-2025
- SUSE Linux Enterprise Desktop
- SUSE Linux Enterprise Server
- SUSE Linux Enterprise Server for SAP Applications
- SUSE Manager Server
- SUSE Linux Enterprise Micro
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com