CVE-2022-48934
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
ida_simple_get() returns an id between min (0) and max (NFP_MAX_MAC_INDEX) inclusive. So NFP_MAX_MAC_INDEX (0xff) is a valid id.
In order for the error handling path to work correctly, the 'invalid' value for 'ida_idx' should not be in the 0..NFP_MAX_MAC_INDEX range, inclusive.
So set it to -1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 20cce88650981ec504d328dbbdd004d991eb8535 < 5ad5886f85b6bd893e3ed19013765fb0c243c069 | affected |
| Linux | Linux | 20cce88650981ec504d328dbbdd004d991eb8535 < af4bc921d39dffdb83076e0a7eed1321242b7d87 | affected |
| Linux | Linux | 20cce88650981ec504d328dbbdd004d991eb8535 < 9d8097caa73200710d52b9f4d9f430548f46a900 | affected |
| Linux | Linux | 20cce88650981ec504d328dbbdd004d991eb8535 < 4086d2433576baf85f0e538511df97c8101e0a10 | affected |
| Linux | Linux | 20cce88650981ec504d328dbbdd004d991eb8535 < 3a14d0888eb4b0045884126acc69abfb7b87814d | affected |
| Linux | Linux | 5.1 | affected |
| Linux | Linux | 0 < 5.1 | unaffected |
| Linux | Linux | 5.4.182 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.103 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.26 <= 5.15.* | unaffected |
| Linux | Linux | 5.16.12 <= 5.16.* | unaffected |
| Linux | Linux | 5.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/5ad5886f85b6bd893e3ed19013765fb0c243c069
- https://git.kernel.org/stable/c/af4bc921d39dffdb83076e0a7eed1321242b7d87
- https://git.kernel.org/stable/c/9d8097caa73200710d52b9f4d9f430548f46a900
- https://git.kernel.org/stable/c/4086d2433576baf85f0e538511df97c8101e0a10
- https://git.kernel.org/stable/c/3a14d0888eb4b0045884126acc69abfb7b87814d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.