CVE-2022-50877

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: broadcom: bcm4908_enet: update TX stats after actual transmission

Queueing packets doesn't guarantee their transmission. Update TX stats after hardware confirms consuming submitted data.

This also fixes a possible race and NULL dereference. bcm4908_enet_start_xmit() could try to access skb after freeing it in the bcm4908_enet_poll_tx().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4feffeadbcb2e5b11cbbf191a33c245b74a5837b < c9589e18a60c55c76772a38117ef9a16b942e56baffected
LinuxLinux4feffeadbcb2e5b11cbbf191a33c245b74a5837b < 2adedc80faec243ede55355e57142110d6f46e08affected
LinuxLinux4feffeadbcb2e5b11cbbf191a33c245b74a5837b < ef3556ee16c68735ec69bd08df41d1cd83b14ad3affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.77 <= 5.15.*unaffected
LinuxLinux6.0.7 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References