CVE-2022-49227 (GCVE-0-2022-49227)
Vulnerability from cvelistv5
Published
2025-02-26 01:55
Modified
2025-05-04 08:32
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: igc: avoid kernel warning when changing RX ring parameters Calling ethtool changing the RX ring parameters like this: $ ethtool -G eth0 rx 1024 on igc triggers kernel warnings like this: [ 225.198467] ------------[ cut here ]------------ [ 225.198473] Missing unregister, handled but fix driver [ 225.198485] WARNING: CPU: 7 PID: 959 at net/core/xdp.c:168 xdp_rxq_info_reg+0x79/0xd0 [...] [ 225.198601] Call Trace: [ 225.198604] <TASK> [ 225.198609] igc_setup_rx_resources+0x3f/0xe0 [igc] [ 225.198617] igc_ethtool_set_ringparam+0x30e/0x450 [igc] [ 225.198626] ethnl_set_rings+0x18a/0x250 [ 225.198631] genl_family_rcv_msg_doit+0xca/0x110 [ 225.198637] genl_rcv_msg+0xce/0x1c0 [ 225.198640] ? rings_prepare_data+0x60/0x60 [ 225.198644] ? genl_get_cmd+0xd0/0xd0 [ 225.198647] netlink_rcv_skb+0x4e/0xf0 [ 225.198652] genl_rcv+0x24/0x40 [ 225.198655] netlink_unicast+0x20e/0x330 [ 225.198659] netlink_sendmsg+0x23f/0x480 [ 225.198663] sock_sendmsg+0x5b/0x60 [ 225.198667] __sys_sendto+0xf0/0x160 [ 225.198671] ? handle_mm_fault+0xb2/0x280 [ 225.198676] ? do_user_addr_fault+0x1eb/0x690 [ 225.198680] __x64_sys_sendto+0x20/0x30 [ 225.198683] do_syscall_64+0x38/0x90 [ 225.198687] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 225.198693] RIP: 0033:0x7f7ae38ac3aa igc_ethtool_set_ringparam() copies the igc_ring structure but neglects to reset the xdp_rxq_info member before calling igc_setup_rx_resources(). This in turn calls xdp_rxq_info_reg() with an already registered xdp_rxq_info. Make sure to unregister the xdp_rxq_info structure first in igc_setup_rx_resources.
Impacted products
Vendor Product Version
Linux Linux Version: 73f1071c1d2952b8c93cd6cd99744768c59ec840
Version: 73f1071c1d2952b8c93cd6cd99744768c59ec840
Version: 73f1071c1d2952b8c93cd6cd99744768c59ec840
Version: 73f1071c1d2952b8c93cd6cd99744768c59ec840
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/igc/igc_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "ab8c107470d12e7ef99030bf0911a10cdef62d16",
              "status": "affected",
              "version": "73f1071c1d2952b8c93cd6cd99744768c59ec840",
              "versionType": "git"
            },
            {
              "lessThan": "3ddb49af08094ebee250b461172ee7b8e27a35d3",
              "status": "affected",
              "version": "73f1071c1d2952b8c93cd6cd99744768c59ec840",
              "versionType": "git"
            },
            {
              "lessThan": "65aebcf1e05bd97d2e7ffcdff36efea1757c9450",
              "status": "affected",
              "version": "73f1071c1d2952b8c93cd6cd99744768c59ec840",
              "versionType": "git"
            },
            {
              "lessThan": "453307b569a0d41bddd07f26bf41b784cd82a4c9",
              "status": "affected",
              "version": "73f1071c1d2952b8c93cd6cd99744768c59ec840",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/intel/igc/igc_main.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "lessThan": "5.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.33",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.17.*",
              "status": "unaffected",
              "version": "5.17.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.33",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16.19",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.17.2",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18",
                  "versionStartIncluding": "5.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: avoid kernel warning when changing RX ring parameters\n\nCalling ethtool changing the RX ring parameters like this:\n\n  $ ethtool -G eth0 rx 1024\n\non igc triggers kernel warnings like this:\n\n[  225.198467] ------------[ cut here ]------------\n[  225.198473] Missing unregister, handled but fix driver\n[  225.198485] WARNING: CPU: 7 PID: 959 at net/core/xdp.c:168\nxdp_rxq_info_reg+0x79/0xd0\n[...]\n[  225.198601] Call Trace:\n[  225.198604]  \u003cTASK\u003e\n[  225.198609]  igc_setup_rx_resources+0x3f/0xe0 [igc]\n[  225.198617]  igc_ethtool_set_ringparam+0x30e/0x450 [igc]\n[  225.198626]  ethnl_set_rings+0x18a/0x250\n[  225.198631]  genl_family_rcv_msg_doit+0xca/0x110\n[  225.198637]  genl_rcv_msg+0xce/0x1c0\n[  225.198640]  ? rings_prepare_data+0x60/0x60\n[  225.198644]  ? genl_get_cmd+0xd0/0xd0\n[  225.198647]  netlink_rcv_skb+0x4e/0xf0\n[  225.198652]  genl_rcv+0x24/0x40\n[  225.198655]  netlink_unicast+0x20e/0x330\n[  225.198659]  netlink_sendmsg+0x23f/0x480\n[  225.198663]  sock_sendmsg+0x5b/0x60\n[  225.198667]  __sys_sendto+0xf0/0x160\n[  225.198671]  ? handle_mm_fault+0xb2/0x280\n[  225.198676]  ? do_user_addr_fault+0x1eb/0x690\n[  225.198680]  __x64_sys_sendto+0x20/0x30\n[  225.198683]  do_syscall_64+0x38/0x90\n[  225.198687]  entry_SYSCALL_64_after_hwframe+0x44/0xae\n[  225.198693] RIP: 0033:0x7f7ae38ac3aa\n\nigc_ethtool_set_ringparam() copies the igc_ring structure but neglects to\nreset the xdp_rxq_info member before calling igc_setup_rx_resources().\nThis in turn calls xdp_rxq_info_reg() with an already registered xdp_rxq_info.\n\nMake sure to unregister the xdp_rxq_info structure first in\nigc_setup_rx_resources."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:32:52.411Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/ab8c107470d12e7ef99030bf0911a10cdef62d16"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ddb49af08094ebee250b461172ee7b8e27a35d3"
        },
        {
          "url": "https://git.kernel.org/stable/c/65aebcf1e05bd97d2e7ffcdff36efea1757c9450"
        },
        {
          "url": "https://git.kernel.org/stable/c/453307b569a0d41bddd07f26bf41b784cd82a4c9"
        }
      ],
      "title": "igc: avoid kernel warning when changing RX ring parameters",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49227",
    "datePublished": "2025-02-26T01:55:56.202Z",
    "dateReserved": "2025-02-26T01:49:39.293Z",
    "dateUpdated": "2025-05-04T08:32:52.411Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-49227\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-26T07:00:59.747\",\"lastModified\":\"2025-10-21T11:52:30.137\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nigc: avoid kernel warning when changing RX ring parameters\\n\\nCalling ethtool changing the RX ring parameters like this:\\n\\n  $ ethtool -G eth0 rx 1024\\n\\non igc triggers kernel warnings like this:\\n\\n[  225.198467] ------------[ cut here ]------------\\n[  225.198473] Missing unregister, handled but fix driver\\n[  225.198485] WARNING: CPU: 7 PID: 959 at net/core/xdp.c:168\\nxdp_rxq_info_reg+0x79/0xd0\\n[...]\\n[  225.198601] Call Trace:\\n[  225.198604]  \u003cTASK\u003e\\n[  225.198609]  igc_setup_rx_resources+0x3f/0xe0 [igc]\\n[  225.198617]  igc_ethtool_set_ringparam+0x30e/0x450 [igc]\\n[  225.198626]  ethnl_set_rings+0x18a/0x250\\n[  225.198631]  genl_family_rcv_msg_doit+0xca/0x110\\n[  225.198637]  genl_rcv_msg+0xce/0x1c0\\n[  225.198640]  ? rings_prepare_data+0x60/0x60\\n[  225.198644]  ? genl_get_cmd+0xd0/0xd0\\n[  225.198647]  netlink_rcv_skb+0x4e/0xf0\\n[  225.198652]  genl_rcv+0x24/0x40\\n[  225.198655]  netlink_unicast+0x20e/0x330\\n[  225.198659]  netlink_sendmsg+0x23f/0x480\\n[  225.198663]  sock_sendmsg+0x5b/0x60\\n[  225.198667]  __sys_sendto+0xf0/0x160\\n[  225.198671]  ? handle_mm_fault+0xb2/0x280\\n[  225.198676]  ? do_user_addr_fault+0x1eb/0x690\\n[  225.198680]  __x64_sys_sendto+0x20/0x30\\n[  225.198683]  do_syscall_64+0x38/0x90\\n[  225.198687]  entry_SYSCALL_64_after_hwframe+0x44/0xae\\n[  225.198693] RIP: 0033:0x7f7ae38ac3aa\\n\\nigc_ethtool_set_ringparam() copies the igc_ring structure but neglects to\\nreset the xdp_rxq_info member before calling igc_setup_rx_resources().\\nThis in turn calls xdp_rxq_info_reg() with an already registered xdp_rxq_info.\\n\\nMake sure to unregister the xdp_rxq_info structure first in\\nigc_setup_rx_resources.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igc: evitar advertencia del kernel al cambiar los par\u00e1metros del anillo RX Llamar a ethtool cambiando los par\u00e1metros del anillo RX de esta manera: $ ethtool -G eth0 rx 1024 en igc activa advertencias del kernel como esta: [ 225.198467] ------------[ cortar aqu\u00ed ]------------ [ 225.198473] Falta anulaci\u00f3n del registro, controlador manejado pero corregido [ 225.198485] ADVERTENCIA: CPU: 7 PID: 959 en net/core/xdp.c:168 xdp_rxq_info_reg+0x79/0xd0 [...] [ 225.198601] Seguimiento de llamada: [ 225.198604]  [ 225.198609] igc_setup_rx_resources+0x3f/0xe0 [igc] [ 225.198617] igc_ethtool_set_ringparam+0x30e/0x450 [igc] [ 225.198626] ethnl_set_rings+0x18a/0x250 [ 225.198631] genl_family_rcv_msg_doit+0xca/0x110 [ 225.198637] genl_rcv_msg+0xce/0x1c0 [ 225.198640] ? rings_prepare_data+0x60/0x60 [ 225.198644] ? genl_get_cmd+0xd0/0xd0 [ 225.198647] netlink_rcv_skb+0x4e/0xf0 [ 225.198652] genl_rcv+0x24/0x40 [ 225.198655] netlink_unicast+0x20e/0x330 [ 225.198659] netlink_sendmsg+0x23f/0x480 [ 225.198663] sock_sendmsg+0x5b/0x60 [ 225.198667] __sys_sendto+0xf0/0x160 [ 225.198671] ? handle_mm_fault+0xb2/0x280 [ 225.198676] ? do_user_addr_fault+0x1eb/0x690 [ 225.198680] __x64_sys_sendto+0x20/0x30 [ 225.198683] do_syscall_64+0x38/0x90 [ 225.198687] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 225.198693] RIP: 0033:0x7f7ae38ac3aa igc_ethtool_set_ringparam() copia la estructura igc_ring pero no restablece el miembro xdp_rxq_info antes de llamar a igc_setup_rx_resources(). Esto, a su vez, llama a xdp_rxq_info_reg() con un xdp_rxq_info ya registrado. Aseg\u00farese de anular el registro de la estructura xdp_rxq_info primero en igc_setup_rx_resources.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.13\",\"versionEndExcluding\":\"5.15.33\",\"matchCriteriaId\":\"3635E21D-6C8E-41E4-BF98-89A503BAF23D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.16.19\",\"matchCriteriaId\":\"20C43679-0439-405A-B97F-685BEE50613B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.17\",\"versionEndExcluding\":\"5.17.2\",\"matchCriteriaId\":\"210C679C-CF84-44A3-8939-E629C87E54BF\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3ddb49af08094ebee250b461172ee7b8e27a35d3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/453307b569a0d41bddd07f26bf41b784cd82a4c9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/65aebcf1e05bd97d2e7ffcdff36efea1757c9450\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ab8c107470d12e7ef99030bf0911a10cdef62d16\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…