| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022647-CVE-2022-49378-2598@gregkh> Date: Wed, 26 Feb 2025 03:10:52 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49378: sfc: fix considering that all channels have TX queues Description =========== In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modparam efx_separate_tx_channels=1 is used. In that cases, some channels only have RX queues and others only TX queues (or more preciselly, they have them allocated, but not initialized). Fix efx_channel_has_tx_queues to return the correct value for this case too. Messages shown at probe time before the fix: sfc 0000:03:00.0 ens6f0np0: MC command 0x82 inlen 544 failed rc=-22 (raw=0) arg=0 ------------[ cut here ]------------ netdevice: ens6f0np0: failed to initialise TXQ -1 WARNING: CPU: 1 PID: 626 at drivers/net/ethernet/sfc/ef10.c:2393 efx_ef10_tx_init+0x201/0x300 [sfc] [...] stripped RIP: 0010:efx_ef10_tx_init+0x201/0x300 [sfc] [...] stripped Call Trace: efx_init_tx_queue+0xaa/0xf0 [sfc] efx_start_channels+0x49/0x120 [sfc] efx_start_all+0x1f8/0x430 [sfc] efx_net_open+0x5a/0xe0 [sfc] __dev_open+0xd0/0x190 __dev_change_flags+0x1b3/0x220 dev_change_flags+0x21/0x60 [...] stripped Messages shown at remove time before the fix: sfc 0000:03:00.0 ens6f0np0: failed to flush 10 queues sfc 0000:03:00.0 ens6f0np0: failed to flush queues The Linux kernel CVE team has assigned CVE-2022-49378 to this issue. Affected and fixed versions =========================== Issue introduced in 5.5 with commit 8700aff089843399f95bc7701ae87b642b35a716 and fixed in 5.10.122 with commit 8f81a4113e1e574d2cbde4f2cd599380a9189c0f Issue introduced in 5.5 with commit 8700aff089843399f95bc7701ae87b642b35a716 and fixed in 5.15.47 with commit 5567d69b95b9c07e1c56f15cf0301251d12e5f97 Issue introduced in 5.5 with commit 8700aff089843399f95bc7701ae87b642b35a716 and fixed in 5.17.15 with commit e7e8d5e25dc762b70f9c88ec6b7d451d0816eead Issue introduced in 5.5 with commit 8700aff089843399f95bc7701ae87b642b35a716 and fixed in 5.18.4 with commit 913d45f02d346ce41c4aad057eaf53a8ed449dc3 Issue introduced in 5.5 with commit 8700aff089843399f95bc7701ae87b642b35a716 and fixed in 5.19 with commit 2e102b53f8a778f872dc137f4c7ac548705817aa Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49378 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/ethernet/sfc/net_driver.h Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/8f81a4113e1e574d2cbde4f2cd599380a9189c0f https://git.kernel.org/stable/c/5567d69b95b9c07e1c56f15cf0301251d12e5f97 https://git.kernel.org/stable/c/e7e8d5e25dc762b70f9c88ec6b7d451d0816eead https://git.kernel.org/stable/c/913d45f02d346ce41c4aad057eaf53a8ed449dc3 https://git.kernel.org/stable/c/2e102b53f8a778f872dc137f4c7ac548705817aa
Powered by blists - more mailing lists