CVE-2022-49625

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49625
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49625.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49625
Related
Published
2025-02-26T07:01:37Z
Modified
2025-02-26T19:01:35.610762Z
Downstream
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

sfc: fix kernel panic when creating VF

When creating VFs a kernel panic can happen when calling to efxef10tryupdatenicstatsvf.

When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has to unmap memory with vunmap. It is disallowed to do that in IRQ context or with BH disabled. Otherwise, we hit this line in vunmap, causing the crash: BUGON(ininterrupt());

This patch reenables BH to release the buffer.

Log messages when the bug is hit: kernel BUG at mm/vmalloc.c:2727! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 6 PID: 1462 Comm: NetworkManager Kdump: loaded Tainted: G I --------- --- 5.14.0-119.el9.x8664 #1 Hardware name: Dell Inc. PowerEdge R740/06WXJT, BIOS 2.8.2 08/27/2020 RIP: 0010:vunmap+0x2e/0x30 ...skip... Call Trace: _iommudmafree+0x96/0x100 efxnicfreebuffer+0x2b/0x40 [sfc] efxef10tryupdatenicstatsvf+0x14a/0x1c0 [sfc] efxef10updatestatsvf+0x18/0x40 [sfc] efxstartall+0x15e/0x1d0 [sfc] efxnetopen+0x5a/0xe0 [sfc] _devopen+0xe7/0x1a0 _devchangeflags+0x1d7/0x240 devchangeflags+0x21/0x60 ...skip...

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.136-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.18.14-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.18.14-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}