fkie_cve-2022-49227
Vulnerability from fkie_nvd
Published
2025-02-26 07:00
Modified
2025-02-26 07:00
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
igc: avoid kernel warning when changing RX ring parameters
Calling ethtool changing the RX ring parameters like this:
$ ethtool -G eth0 rx 1024
on igc triggers kernel warnings like this:
[ 225.198467] ------------[ cut here ]------------
[ 225.198473] Missing unregister, handled but fix driver
[ 225.198485] WARNING: CPU: 7 PID: 959 at net/core/xdp.c:168
xdp_rxq_info_reg+0x79/0xd0
[...]
[ 225.198601] Call Trace:
[ 225.198604] <TASK>
[ 225.198609] igc_setup_rx_resources+0x3f/0xe0 [igc]
[ 225.198617] igc_ethtool_set_ringparam+0x30e/0x450 [igc]
[ 225.198626] ethnl_set_rings+0x18a/0x250
[ 225.198631] genl_family_rcv_msg_doit+0xca/0x110
[ 225.198637] genl_rcv_msg+0xce/0x1c0
[ 225.198640] ? rings_prepare_data+0x60/0x60
[ 225.198644] ? genl_get_cmd+0xd0/0xd0
[ 225.198647] netlink_rcv_skb+0x4e/0xf0
[ 225.198652] genl_rcv+0x24/0x40
[ 225.198655] netlink_unicast+0x20e/0x330
[ 225.198659] netlink_sendmsg+0x23f/0x480
[ 225.198663] sock_sendmsg+0x5b/0x60
[ 225.198667] __sys_sendto+0xf0/0x160
[ 225.198671] ? handle_mm_fault+0xb2/0x280
[ 225.198676] ? do_user_addr_fault+0x1eb/0x690
[ 225.198680] __x64_sys_sendto+0x20/0x30
[ 225.198683] do_syscall_64+0x38/0x90
[ 225.198687] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 225.198693] RIP: 0033:0x7f7ae38ac3aa
igc_ethtool_set_ringparam() copies the igc_ring structure but neglects to
reset the xdp_rxq_info member before calling igc_setup_rx_resources().
This in turn calls xdp_rxq_info_reg() with an already registered xdp_rxq_info.
Make sure to unregister the xdp_rxq_info structure first in
igc_setup_rx_resources.
References
Impacted products
Vendor | Product | Version |
---|
{ "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: avoid kernel warning when changing RX ring parameters\n\nCalling ethtool changing the RX ring parameters like this:\n\n $ ethtool -G eth0 rx 1024\n\non igc triggers kernel warnings like this:\n\n[ 225.198467] ------------[ cut here ]------------\n[ 225.198473] Missing unregister, handled but fix driver\n[ 225.198485] WARNING: CPU: 7 PID: 959 at net/core/xdp.c:168\nxdp_rxq_info_reg+0x79/0xd0\n[...]\n[ 225.198601] Call Trace:\n[ 225.198604] \u003cTASK\u003e\n[ 225.198609] igc_setup_rx_resources+0x3f/0xe0 [igc]\n[ 225.198617] igc_ethtool_set_ringparam+0x30e/0x450 [igc]\n[ 225.198626] ethnl_set_rings+0x18a/0x250\n[ 225.198631] genl_family_rcv_msg_doit+0xca/0x110\n[ 225.198637] genl_rcv_msg+0xce/0x1c0\n[ 225.198640] ? rings_prepare_data+0x60/0x60\n[ 225.198644] ? genl_get_cmd+0xd0/0xd0\n[ 225.198647] netlink_rcv_skb+0x4e/0xf0\n[ 225.198652] genl_rcv+0x24/0x40\n[ 225.198655] netlink_unicast+0x20e/0x330\n[ 225.198659] netlink_sendmsg+0x23f/0x480\n[ 225.198663] sock_sendmsg+0x5b/0x60\n[ 225.198667] __sys_sendto+0xf0/0x160\n[ 225.198671] ? handle_mm_fault+0xb2/0x280\n[ 225.198676] ? do_user_addr_fault+0x1eb/0x690\n[ 225.198680] __x64_sys_sendto+0x20/0x30\n[ 225.198683] do_syscall_64+0x38/0x90\n[ 225.198687] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 225.198693] RIP: 0033:0x7f7ae38ac3aa\n\nigc_ethtool_set_ringparam() copies the igc_ring structure but neglects to\nreset the xdp_rxq_info member before calling igc_setup_rx_resources().\nThis in turn calls xdp_rxq_info_reg() with an already registered xdp_rxq_info.\n\nMake sure to unregister the xdp_rxq_info structure first in\nigc_setup_rx_resources." }, { "lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: igc: evitar advertencia del kernel al cambiar los par\u00e1metros del anillo RX Llamar a ethtool cambiando los par\u00e1metros del anillo RX de esta manera: $ ethtool -G eth0 rx 1024 en igc activa advertencias del kernel como esta: [ 225.198467] ------------[ cortar aqu\u00ed ]------------ [ 225.198473] Falta anulaci\u00f3n del registro, controlador manejado pero corregido [ 225.198485] ADVERTENCIA: CPU: 7 PID: 959 en net/core/xdp.c:168 xdp_rxq_info_reg+0x79/0xd0 [...] [ 225.198601] Seguimiento de llamada: [ 225.198604] [ 225.198609] igc_setup_rx_resources+0x3f/0xe0 [igc] [ 225.198617] igc_ethtool_set_ringparam+0x30e/0x450 [igc] [ 225.198626] ethnl_set_rings+0x18a/0x250 [ 225.198631] genl_family_rcv_msg_doit+0xca/0x110 [ 225.198637] genl_rcv_msg+0xce/0x1c0 [ 225.198640] ? rings_prepare_data+0x60/0x60 [ 225.198644] ? genl_get_cmd+0xd0/0xd0 [ 225.198647] netlink_rcv_skb+0x4e/0xf0 [ 225.198652] genl_rcv+0x24/0x40 [ 225.198655] netlink_unicast+0x20e/0x330 [ 225.198659] netlink_sendmsg+0x23f/0x480 [ 225.198663] sock_sendmsg+0x5b/0x60 [ 225.198667] __sys_sendto+0xf0/0x160 [ 225.198671] ? handle_mm_fault+0xb2/0x280 [ 225.198676] ? do_user_addr_fault+0x1eb/0x690 [ 225.198680] __x64_sys_sendto+0x20/0x30 [ 225.198683] do_syscall_64+0x38/0x90 [ 225.198687] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 225.198693] RIP: 0033:0x7f7ae38ac3aa igc_ethtool_set_ringparam() copia la estructura igc_ring pero no restablece el miembro xdp_rxq_info antes de llamar a igc_setup_rx_resources(). Esto, a su vez, llama a xdp_rxq_info_reg() con un xdp_rxq_info ya registrado. Aseg\u00farese de anular el registro de la estructura xdp_rxq_info primero en igc_setup_rx_resources." } ], "id": "CVE-2022-49227", "lastModified": "2025-02-26T07:00:59.747", "metrics": {}, "published": "2025-02-26T07:00:59.747", "references": [ { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3ddb49af08094ebee250b461172ee7b8e27a35d3" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/453307b569a0d41bddd07f26bf41b784cd82a4c9" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/65aebcf1e05bd97d2e7ffcdff36efea1757c9450" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ab8c107470d12e7ef99030bf0911a10cdef62d16" } ], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…