CVE-2022-49208

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Prevent some integer underflows

My static checker complains that:

drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init()
warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'?

It appears that "info->dev->hmc_fpm_misc.max_ceqs" comes from the firmware in irdma_sc_parse_fpm_query_buf() so, yes, there is a chance that it could be zero. Even if we trust the firmware, it's easy enough to change the condition just as a hardenning measure.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3f49d684256963d3f27dfb9d9ff228e2255be78d < d52dab6e03550f9c97121b0c11c0a3ed78ee76a4affected
LinuxLinux3f49d684256963d3f27dfb9d9ff228e2255be78d < f21056f15bbeacab7b4b87af232f5599d1f2bff1affected
LinuxLinux3f49d684256963d3f27dfb9d9ff228e2255be78d < 7340c3675d7ac946f4019b84cd7c64ed542dfe4caffected
LinuxLinux3f49d684256963d3f27dfb9d9ff228e2255be78d < 6f6dbb819dfc1a35bcb8b709b5c83a3ea8beff75affected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.33 <= 5.15.*unaffected
LinuxLinux5.16.19 <= 5.16.*unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References