CVE-2022-48932
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48932
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48932.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-48932
- Downstream
- Related
- Published
- 2024-08-22T03:31:25Z
- Modified
- 2025-10-21T08:26:27.552071Z
- Summary
- net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: DR, Fix slab-out-of-bounds in mlx5cmddrcreatefte
When adding a rule with 32 destinations, we hit the following out-of-band access issue:
BUG: KASAN: slab-out-of-bounds in mlx5cmddrcreatefte+0x18ee/0x1e70
This patch fixes the issue by both increasing the allocated buffers to accommodate for the needed actions and by checking the number of actions to prevent this issue when a rule with too many actions is provided.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1ffd498901c1134a7cbecf5409e12c064c39cef9Fixed4ad319cdfbe555b4ff67bc608736c46a6930c848
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1ffd498901c1134a7cbecf5409e12c064c39cef9Fixed0aec12d97b2036af0946e3d582144739860ac07b
Affected versions
v5.*
v5.15
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0aec12d97b2036af0946e3d582144739860ac07b",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2022-48932-5a6e03ba",
"target": {
"function": "mlx5_cmd_dr_create_fte",
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/fs_dr.c"
},
"digest": {
"length": 6320.0,
"function_hash": "338981200293300762860980081177968436763"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ad319cdfbe555b4ff67bc608736c46a6930c848",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2022-48932-8c57a6d3",
"target": {
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/fs_dr.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"216596212933225640322288627391155513124",
"180865714335865498604436801111302051540",
"111767627082465740914893286353064903858",
"200785796822028666114427039599211216715",
"152572407908431734999728570420950600986",
"82597094333744919793448582048427720626",
"145926988251808595051215989629995668111",
"106647224567268577882335451828319044074",
"12438038599717051096162320556554204804",
"84231179827800809897038190324506487738",
"42328169913703085620367812686437575107",
"333190053361692118042697664023103355411",
"244826675767885114822485139597903351733",
"248432208878037150162264922178597814348",
"197599737547015474591646888090421215282",
"170646371629662813045383411635890262787",
"143405835505511157132222269661565085772",
"100021450040953569878374601543329630322",
"261573322819414177631490294770990607382",
"264877700448160137915848236128625545887",
"248344212239528935689551678338978717863",
"234306812270975122793011148675499009355",
"298287434930606443707194120128132811593"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4ad319cdfbe555b4ff67bc608736c46a6930c848",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2022-48932-cc869f93",
"target": {
"function": "mlx5_cmd_dr_create_fte",
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/fs_dr.c"
},
"digest": {
"length": 6212.0,
"function_hash": "197817099798214309383542006445479611359"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0aec12d97b2036af0946e3d582144739860ac07b",
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2022-48932-fdaf5dc6",
"target": {
"file": "drivers/net/ethernet/mellanox/mlx5/core/steering/fs_dr.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"269374331545330156978633777238160134282",
"180865714335865498604436801111302051540",
"111767627082465740914893286353064903858",
"200785796822028666114427039599211216715",
"152572407908431734999728570420950600986",
"82597094333744919793448582048427720626",
"145926988251808595051215989629995668111",
"106647224567268577882335451828319044074",
"12438038599717051096162320556554204804",
"84231179827800809897038190324506487738",
"42328169913703085620367812686437575107",
"333190053361692118042697664023103355411",
"244826675767885114822485139597903351733",
"248432208878037150162264922178597814348",
"197599737547015474591646888090421215282",
"170646371629662813045383411635890262787",
"143405835505511157132222269661565085772",
"100021450040953569878374601543329630322",
"261573322819414177631490294770990607382",
"264877700448160137915848236128625545887",
"248344212239528935689551678338978717863",
"234306812270975122793011148675499009355",
"298287434930606443707194120128132811593"
]
},
"signature_type": "Line"
}
]