CVE-2022-48932

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48932
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48932.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48932
Published
2024-08-22T03:31:25Z
Modified
2025-10-15T16:51:09.322735Z
Summary
net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte
Details

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte

When adding a rule with 32 destinations, we hit the following out-of-band access issue:

BUG: KASAN: slab-out-of-bounds in mlx5_cmd_dr_create_fte+0x18ee/0x1e70

This patch fixes the issue by both increasing the allocated buffers to accommodate for the needed actions and by checking the number of actions to prevent this issue when a rule with too many actions is provided.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1ffd498901c1134a7cbecf5409e12c064c39cef9
Fixed
4ad319cdfbe555b4ff67bc608736c46a6930c848
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1ffd498901c1134a7cbecf5409e12c064c39cef9
Fixed
0aec12d97b2036af0946e3d582144739860ac07b

Affected versions

v5.*

v5.15
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.12