CVE-2022-49583

Summary

In the Linux kernel, the following vulnerability has been resolved:

iavf: Fix handling of dummy receive descriptors

Fix memory leak caused by not handling dummy receive descriptor properly. iavf_get_rx_buffer now sets the rx_buffer return value for dummy receive descriptors. Without this patch, when the hardware writes a dummy descriptor, iavf would not free the page allocated for the previous receive buffer. This is an unlikely event but can still happen.

[Jesse: massaged commit message]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxefa14c3985828da3163f5372137cb64d992b0f79 < d88d59faf4e6f9cc4767664206afdb999b10ec77affected
LinuxLinuxefa14c3985828da3163f5372137cb64d992b0f79 < c6af94324911ef0846af1a5ce5e049ca736db34baffected
LinuxLinuxefa14c3985828da3163f5372137cb64d992b0f79 < 2918419c06088f6709ceb543feb01752779ade4caffected
LinuxLinuxefa14c3985828da3163f5372137cb64d992b0f79 < 6edb818732fc05fda495f5b3a749bd1cee01398baffected
LinuxLinuxefa14c3985828da3163f5372137cb64d992b0f79 < a9f49e0060301a9bfebeca76739158d0cf91cdf6affected
LinuxLinux2a51e334a0ade539e5b0fcfdbd8b43acb9c7547daffected
LinuxLinux833577ecf3451c7306abb48f221d365c2ee4cc1baffected
LinuxLinux5.1.20 < 5.2affected
LinuxLinux5.2.3 < 5.3affected
LinuxLinux5.3affected
LinuxLinux0 < 5.3unaffected
LinuxLinux5.4.208 <= 5.4.*unaffected
LinuxLinux5.10.134 <= 5.10.*unaffected
LinuxLinux5.15.58 <= 5.15.*unaffected
LinuxLinux5.18.15 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References