CVE-2022-49208
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49208
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49208.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49208
- Downstream
- Related
- Published
- 2025-02-26T01:55:46Z
- Modified
- 2025-10-15T19:53:01.170891Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- RDMA/irdma: Prevent some integer underflows
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
RDMA/irdma: Prevent some integer underflows
My static checker complains that:
drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init() warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'?It appears that "info->dev->hmcfpmmisc.maxceqs" comes from the firmware in irdmascparsefpmquerybuf() so, yes, there is a chance that it could be zero. Even if we trust the firmware, it's easy enough to change the condition just as a hardenning measure.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/6f6dbb819dfc1a35bcb8b709b5c83a3ea8beff75
- https://git.kernel.org/stable/c/7340c3675d7ac946f4019b84cd7c64ed542dfe4c
- https://git.kernel.org/stable/c/d52dab6e03550f9c97121b0c11c0a3ed78ee76a4
- https://git.kernel.org/stable/c/f21056f15bbeacab7b4b87af232f5599d1f2bff1
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3f49d684256963d3f27dfb9d9ff228e2255be78dFixedd52dab6e03550f9c97121b0c11c0a3ed78ee76a4
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3f49d684256963d3f27dfb9d9ff228e2255be78dFixedf21056f15bbeacab7b4b87af232f5599d1f2bff1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3f49d684256963d3f27dfb9d9ff228e2255be78dFixed7340c3675d7ac946f4019b84cd7c64ed542dfe4c
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3f49d684256963d3f27dfb9d9ff228e2255be78dFixed6f6dbb819dfc1a35bcb8b709b5c83a3ea8beff75
Affected versions
v5.*
v5.13
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1