In the Linux kernel, the following vulnerability has been resolved:
vfio: Split migration ops from main device ops
vfio core checks whether the driver sets some migration op (e.g. set_state/get_state) and calls that op accordingly.
However, the mlx5 driver currently sets the above ops without regard to its migration caps.
This might lead to unexpected usage or an Oops, because user space may call the above ops even if the driver doesn't support migration. For example, the migration state_mutex is not initialized in that case.
The cleanest way to manage that seems to be to split the migration ops from the main device ops; this lets the driver set them separately from the main ops when applicable.
As part of that, validate ops construction on registration and include a check for VFIO_MIGRATION_STOP_COPY, since the uAPI claims it must be set in migration_flags.
HISI driver was changed as well to match this scheme.
Down the road, this scheme may make it possible to add some extra group of ops (e.g. DMA log) that can be set without regard to the other options, based on driver caps.
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"245910808860460226906372177230727173788",
"159988695930767769270869291875253526882",
"48910139878873359970947360365810943163",
"151361520701936132497976799962236954572"
]
},
"target": {
"file": "drivers/vfio/pci/mlx5/cmd.h"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-0847b91d"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"211817564504809875084117974907203117505",
"311129047506685531329373413594831170195",
"216324818162556200104602446629243526809",
"325034684753351202246238303815423756059",
"188350322476510495581583834487301605653",
"70797049062456118667107791161278827451",
"263748797098810464147731243085007287939",
"61942423404518103249845638187933615910",
"12270180557431026076158237252496225010",
"193441413889184356078595504446594164974",
"121008734278550300564291887069447117621",
"189368466243710794171339861932616781034"
]
},
"target": {
"file": "drivers/vfio/pci/mlx5/main.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-14f04b44"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"77122450500372750627715711228017241963",
"250124277211760852599392422429737925138",
"146234829755694761809278279562730320533",
"190665576371235917102627021274443452560",
"120248219355507158463218972278170617248",
"321428698514466692417757315668505705055",
"47686288530489782593085623025289367501",
"73722949771035774066574585812831461408"
]
},
"target": {
"file": "drivers/vfio/pci/mlx5/cmd.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-20846462"
},
{
"digest": {
"function_hash": "268405453689626902652226327290657545670",
"length": 900.0
},
"target": {
"file": "drivers/vfio/pci/mlx5/cmd.c",
"function": "mlx5vf_cmd_set_migratable"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-26c6af1c"
},
{
"digest": {
"function_hash": "183072530953634705184112169520566378402",
"length": 486.0
},
"target": {
"file": "drivers/vfio/pci/mlx5/main.c",
"function": "mlx5vf_pci_probe"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-33d1dfd3"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"245910808860460226906372177230727173788",
"159988695930767769270869291875253526882",
"48910139878873359970947360365810943163",
"151361520701936132497976799962236954572"
]
},
"target": {
"file": "drivers/vfio/pci/mlx5/cmd.h"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-387ef84f"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"92536671235261026664458937653618417166",
"253455225102349910647907215333102887838",
"275659991961689652819057464531317843141",
"320206263113110010563486659145931529649",
"175692731335072572309196000182501960246",
"311345621722644532824200830422126560056",
"246421818485607808813510408277215472932",
"196448814105084606491578286900898576522",
"282287882574543373068887892791844327001",
"253287220358750287204374681440424486811",
"95143270452761455216734003991230867582",
"87229600368851378586960272621214166536",
"38462901378504788590566284687594899008",
"291421149408535108774494429412301002360",
"333947974679895158099850299598240979479",
"275659991961689652819057464531317843141",
"100677998778353151296785612820385872312",
"82671903675051546870316253030687015605"
]
},
"target": {
"file": "drivers/vfio/vfio.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-46ada792"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"103837625791322156068924498980726230472",
"138693616180719411660733260866095306764",
"117155444081981677472249581246201276686",
"22214182328826847572787674629056258958",
"281590671194388701996323963700707462666",
"119331879832413233983127534371066603410",
"140904292569937012979020482454055536099",
"234609856166587218680116132405325011839",
"71375425698253652016279034411857933355",
"312687119036144143606698550413306288876",
"244710310889551570489217826915949599395"
]
},
"target": {
"file": "include/linux/vfio.h"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-4b4e549a"
},
{
"digest": {
"function_hash": "244958165351404262996393466087315598040",
"length": 842.0
},
"target": {
"file": "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c",
"function": "hisi_acc_vfio_pci_probe"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-5d56ba31"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"326490372586437676797306687997194165930",
"179238839984271172976926256263505362772",
"235661504716157914479842132699603685181"
]
},
"target": {
"file": "drivers/vfio/pci/vfio_pci_core.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-5fff76a0"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"211817564504809875084117974907203117505",
"311129047506685531329373413594831170195",
"216324818162556200104602446629243526809",
"325034684753351202246238303815423756059",
"188350322476510495581583834487301605653",
"70797049062456118667107791161278827451",
"263748797098810464147731243085007287939",
"61942423404518103249845638187933615910",
"12270180557431026076158237252496225010",
"193441413889184356078595504446594164974",
"121008734278550300564291887069447117621",
"189368466243710794171339861932616781034"
]
},
"target": {
"file": "drivers/vfio/pci/mlx5/main.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-6109f72e"
},
{
"digest": {
"function_hash": "157073177851537338760336334687031960224",
"length": 445.0
},
"target": {
"file": "drivers/vfio/vfio.c",
"function": "vfio_ioctl_device_feature_migration"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-751be3ab"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"77122450500372750627715711228017241963",
"250124277211760852599392422429737925138",
"146234829755694761809278279562730320533",
"190665576371235917102627021274443452560",
"120248219355507158463218972278170617248",
"321428698514466692417757315668505705055",
"47686288530489782593085623025289367501",
"73722949771035774066574585812831461408"
]
},
"target": {
"file": "drivers/vfio/pci/mlx5/cmd.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-7626fcef"
},
{
"digest": {
"function_hash": "40828904675699538822646890292314983250",
"length": 494.0
},
"target": {
"file": "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c",
"function": "hisi_acc_vfio_pci_open_device"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-7652128b"
},
{
"digest": {
"function_hash": "321708473197658880229536181084839733083",
"length": 1064.0
},
"target": {
"file": "drivers/vfio/pci/vfio_pci_core.c",
"function": "vfio_pci_core_register_device"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-79985a56"
},
{
"digest": {
"function_hash": "268405453689626902652226327290657545670",
"length": 900.0
},
"target": {
"file": "drivers/vfio/pci/mlx5/cmd.c",
"function": "mlx5vf_cmd_set_migratable"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-90a5064b"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"92536671235261026664458937653618417166",
"253455225102349910647907215333102887838",
"275659991961689652819057464531317843141",
"320206263113110010563486659145931529649",
"175692731335072572309196000182501960246",
"311345621722644532824200830422126560056",
"246421818485607808813510408277215472932",
"196448814105084606491578286900898576522",
"282287882574543373068887892791844327001",
"253287220358750287204374681440424486811",
"95143270452761455216734003991230867582",
"87229600368851378586960272621214166536",
"38462901378504788590566284687594899008",
"291421149408535108774494429412301002360",
"333947974679895158099850299598240979479",
"275659991961689652819057464531317843141",
"100677998778353151296785612820385872312",
"82671903675051546870316253030687015605"
]
},
"target": {
"file": "drivers/vfio/vfio.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-90d9385a"
},
{
"digest": {
"function_hash": "321708473197658880229536181084839733083",
"length": 1064.0
},
"target": {
"file": "drivers/vfio/pci/vfio_pci_core.c",
"function": "vfio_pci_core_register_device"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-92c8b288"
},
{
"digest": {
"function_hash": "183072530953634705184112169520566378402",
"length": 486.0
},
"target": {
"file": "drivers/vfio/pci/mlx5/main.c",
"function": "mlx5vf_pci_probe"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-94803712"
},
{
"digest": {
"function_hash": "216061453236520614236620436256778758984",
"length": 990.0
},
"target": {
"file": "drivers/vfio/vfio.c",
"function": "vfio_ioctl_device_feature_mig_device_state"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-a24c48f5"
},
{
"digest": {
"function_hash": "244958165351404262996393466087315598040",
"length": 842.0
},
"target": {
"file": "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c",
"function": "hisi_acc_vfio_pci_probe"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-ac1f6512"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"103837625791322156068924498980726230472",
"138693616180719411660733260866095306764",
"117155444081981677472249581246201276686",
"22214182328826847572787674629056258958",
"281590671194388701996323963700707462666",
"119331879832413233983127534371066603410",
"140904292569937012979020482454055536099",
"234609856166587218680116132405325011839",
"71375425698253652016279034411857933355",
"312687119036144143606698550413306288876",
"244710310889551570489217826915949599395"
]
},
"target": {
"file": "include/linux/vfio.h"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-b36617a1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"326490372586437676797306687997194165930",
"179238839984271172976926256263505362772",
"235661504716157914479842132699603685181"
]
},
"target": {
"file": "drivers/vfio/pci/vfio_pci_core.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-c501c2ad"
},
{
"digest": {
"function_hash": "40828904675699538822646890292314983250",
"length": 494.0
},
"target": {
"file": "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c",
"function": "hisi_acc_vfio_pci_open_device"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-d155572f"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"54983460907796683735688866556508149574",
"135640019871031799443068282974931915819",
"157581260522335383067395775652730552814",
"145106251705133257046316050306581715093",
"62157970551755343748405946123982390358",
"72668064536820862808035889927974634284",
"70236463633012713593433233871947159459",
"42226558645567187688569483520525817668",
"185131197646685169757096423500229468004",
"10241190066034285111150802259949503449",
"99475988637991480017201513935766574292",
"212617838706563770949900125665445854918",
"15543902187168807250489583077766892519",
"261265648200902304980356759010961857759",
"204781193708843538915239179917854119832",
"47746822567007972806185943883376240200"
]
},
"target": {
"file": "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-eaad1101"
},
{
"digest": {
"function_hash": "157073177851537338760336334687031960224",
"length": 445.0
},
"target": {
"file": "drivers/vfio/vfio.c",
"function": "vfio_ioctl_device_feature_migration"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-ededfba8"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"54983460907796683735688866556508149574",
"135640019871031799443068282974931915819",
"157581260522335383067395775652730552814",
"145106251705133257046316050306581715093",
"62157970551755343748405946123982390358",
"72668064536820862808035889927974634284",
"70236463633012713593433233871947159459",
"42226558645567187688569483520525817668",
"185131197646685169757096423500229468004",
"10241190066034285111150802259949503449",
"99475988637991480017201513935766574292",
"212617838706563770949900125665445854918",
"15543902187168807250489583077766892519",
"261265648200902304980356759010961857759",
"204781193708843538915239179917854119832",
"47746822567007972806185943883376240200"
]
},
"target": {
"file": "drivers/vfio/pci/hisilicon/hisi_acc_vfio_pci.c"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bba6b12d73d36e0ddbc2c3ac5668a667b00d4345",
"id": "CVE-2022-50117-f1f6bde9"
},
{
"digest": {
"function_hash": "216061453236520614236620436256778758984",
"length": 990.0
},
"target": {
"file": "drivers/vfio/vfio.c",
"function": "vfio_ioctl_device_feature_mig_device_state"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e97eba8ad8748fabb795cffc5d9e1a7dcfd7367",
"id": "CVE-2022-50117-fd79ef3f"
}
]