CVE-2022-48647

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48647
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48647.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48647
Downstream
Related
Published
2024-04-28T13:00:19Z
Modified
2025-10-08T06:54:26.463045Z
Summary
sfc: fix TX channel offset when using legacy interrupts
Details

In the Linux kernel, the following vulnerability has been resolved:

sfc: fix TX channel offset when using legacy interrupts

In legacy interrupt mode the txchanneloffset was hardcoded to 1, but that's not correct if efxsepparatetx_channels is false. In that case, the offset is 0 because the tx queues are in the single existing channel at index 0, together with the rx queue.

Without this fix, as soon as you try to send any traffic, it tries to get the tx queues from an uninitialized channel getting these errors: WARNING: CPU: 1 PID: 0 at drivers/net/ethernet/sfc/tx.c:540 efxhardstartxmit+0x12e/0x170 [sfc] [...] RIP: 0010:efxhardstartxmit+0x12e/0x170 [sfc] [...] Call Trace: <IRQ> devhardstartxmit+0xd7/0x230 schdirectxmit+0x9f/0x360 _devqueuexmit+0x890/0xa40 [...] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 [...] RIP: 0010:efxhardstartxmit+0x153/0x170 [sfc] [...] Call Trace: <IRQ> devhardstartxmit+0xd7/0x230 schdirectxmit+0x9f/0x360 _devqueue_xmit+0x890/0xa40 [...]

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bf2af9b24313553f3f0b30443220ab0ac8595d2d
Fixed
b4afd3878f961d3517f27b3213730fceef77945c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
06cb7e134f8f4a11b66f1dbeb5f237412a0aeedc
Fixed
360910b88d1466a90644a4e0533803b594344a2b
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c308dfd1b43ef0d4c3e57b741bb3462eb7a7f4a2
Fixed
5f623a77cfc2d501d72bcb4f9ee71721e6c766ff
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c308dfd1b43ef0d4c3e57b741bb3462eb7a7f4a2
Fixed
f232af4295653afa4ade3230462b3be15ad16419
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1a7c0b3ef93d1d1dae7b0a85dab3ac6e3ad0ef61
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b2d60329a0b88c4e35017436ee29c43be59d46a5

Affected versions

v5.*

v5.10.1
v5.10.10
v5.10.11
v5.10.12
v5.10.122
v5.10.123
v5.10.124
v5.10.125
v5.10.126
v5.10.127
v5.10.128
v5.10.129
v5.10.13
v5.10.130
v5.10.131
v5.10.132
v5.10.133
v5.10.134
v5.10.135
v5.10.136
v5.10.137
v5.10.138
v5.10.139
v5.10.14
v5.10.140
v5.10.141
v5.10.142
v5.10.143
v5.10.144
v5.10.145
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.3
v5.10.4
v5.10.5
v5.10.6
v5.10.7
v5.10.8
v5.10.9
v5.11.1
v5.11.10
v5.11.11
v5.11.12
v5.11.13
v5.11.14
v5.11.15
v5.11.16
v5.11.17
v5.11.18
v5.11.19
v5.11.2
v5.11.20
v5.11.21
v5.11.3
v5.11.4
v5.11.5
v5.11.6
v5.11.7
v5.11.8
v5.11.9
v5.12.1
v5.12.10
v5.12.11
v5.12.12
v5.12.13
v5.12.14
v5.12.15
v5.12.16
v5.12.17
v5.12.18
v5.12.19
v5.12.2
v5.12.3
v5.12.4
v5.12.5
v5.12.6
v5.12.7
v5.12.8
v5.12.9
v5.13.1
v5.13.10
v5.13.11
v5.13.12
v5.13.13
v5.13.14
v5.13.15
v5.13.16
v5.13.17
v5.13.18
v5.13.2
v5.13.3
v5.13.4
v5.13.5
v5.13.6
v5.13.7
v5.13.8
v5.13.9
v5.14.1
v5.14.10
v5.14.11
v5.14.12
v5.14.13
v5.14.14
v5.14.15
v5.14.16
v5.14.17
v5.14.18
v5.14.19
v5.14.2
v5.14.20
v5.14.3
v5.14.4
v5.14.5
v5.14.6
v5.14.7
v5.14.8
v5.14.9
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.3
v5.15.4
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.8
v5.15.9
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.19
v5.16.2
v5.16.20
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17.1
v5.17.10
v5.17.11
v5.17.12
v5.17.13
v5.17.14
v5.17.15
v5.17.2
v5.17.3
v5.17.4
v5.17.5
v5.17.6
v5.17.7
v5.17.8
v5.17.9
v5.18.10
v5.18.11
v5.18.12
v5.18.13
v5.18.14
v5.18.15
v5.18.16
v5.18.17
v5.18.18
v5.18.19
v5.18.4
v5.18.5
v5.18.6
v5.18.7
v5.18.8
v5.18.9
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.10
v5.19.11
v5.19.12
v5.19.13
v5.19.14
v5.19.15
v5.19.16
v5.19.2
v5.19.3
v5.19.4
v5.19.5
v5.19.6
v5.19.7
v5.19.8
v5.19.9
v5.6.1
v5.6.10
v5.6.11
v5.6.12
v5.6.13
v5.6.14
v5.6.15
v5.6.16
v5.6.17
v5.6.18
v5.6.2
v5.6.3
v5.6.4
v5.6.5
v5.6.6
v5.6.7
v5.6.8
v5.6.9
v5.7.1
v5.7.10
v5.7.11
v5.7.12
v5.7.13
v5.7.14
v5.7.15
v5.7.16
v5.7.2
v5.7.3
v5.7.4
v5.7.5
v5.7.6
v5.7.7
v5.7.8
v5.7.9
v5.8.1
v5.8.10
v5.8.11
v5.8.12
v5.8.13
v5.8.14
v5.8.15
v5.8.16
v5.8.17
v5.8.18
v5.8.2
v5.8.3
v5.8.4
v5.8.5
v5.8.6
v5.8.7
v5.8.8
v5.8.9
v5.9.1
v5.9.10
v5.9.11
v5.9.12
v5.9.13
v5.9.14
v5.9.15
v5.9.16
v5.9.2
v5.9.3
v5.9.4
v5.9.5
v5.9.6
v5.9.7
v5.9.8
v5.9.9

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.0.1
v6.0.10
v6.0.11
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.16
v6.0.17
v6.0.18
v6.0.2
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.10
v6.10.11
v6.10.12
v6.10.13
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.10.7
v6.10.8
v6.10.9
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.10
v6.11.11
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.11.7
v6.11.8
v6.11.9
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.2
v6.12.3
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.1
v6.13.10
v6.13.11
v6.13.12
v6.13.2
v6.13.3
v6.13.4
v6.13.5
v6.13.6
v6.13.7
v6.13.8
v6.13.9
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.14.1
v6.14.10
v6.14.11
v6.14.2
v6.14.3
v6.14.4
v6.14.5
v6.14.6
v6.14.7
v6.14.8
v6.14.9
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.10
v6.15.11
v6.15.2
v6.15.3
v6.15.4
v6.15.5
v6.15.6
v6.15.7
v6.15.8
v6.15.9
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.16.1
v6.16.10
v6.16.11
v6.16.2
v6.16.3
v6.16.4
v6.16.5
v6.16.6
v6.16.7
v6.16.8
v6.16.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.10
v6.2.11
v6.2.12
v6.2.13
v6.2.14
v6.2.15
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.2.6
v6.2.7
v6.2.8
v6.2.9
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.3.1
v6.3.10
v6.3.11
v6.3.12
v6.3.2
v6.3.3
v6.3.4
v6.3.5
v6.3.6
v6.3.7
v6.3.8
v6.3.9
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.10
v6.4.11
v6.4.12
v6.4.13
v6.4.14
v6.4.15
v6.4.16
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.4.7
v6.4.8
v6.4.9
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.5.1
v6.5.10
v6.5.11
v6.5.12
v6.5.13
v6.5.2
v6.5.3
v6.5.4
v6.5.5
v6.5.6
v6.5.7
v6.5.8
v6.5.9
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.2
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.11
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.10
v6.8.11
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.10
v6.9.11
v6.9.12
v6.9.2
v6.9.3
v6.9.4
v6.9.5
v6.9.6
v6.9.7
v6.9.8
v6.9.9

Database specific 

{
    "vanir_signatures": [
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c",
                "function": "efx_probe_interrupts"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f232af4295653afa4ade3230462b3be15ad16419",
            "digest": {
                "length": 2843.0,
                "function_hash": "144775300401497080653021760018901893669"
            },
            "deprecated": false,
            "id": "CVE-2022-48647-2ca27705",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f232af4295653afa4ade3230462b3be15ad16419",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "154612989274927299147245977853288551539",
                    "166966232097298280022452943803690043357",
                    "276067396533295319290266214201354545425",
                    "40982682941509001151011643429431098416"
                ]
            },
            "deprecated": false,
            "id": "CVE-2022-48647-37a619c3",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@360910b88d1466a90644a4e0533803b594344a2b",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "154612989274927299147245977853288551539",
                    "166966232097298280022452943803690043357",
                    "276067396533295319290266214201354545425",
                    "40982682941509001151011643429431098416"
                ]
            },
            "deprecated": false,
            "id": "CVE-2022-48647-6ac7c24d",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c",
                "function": "efx_probe_interrupts"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@360910b88d1466a90644a4e0533803b594344a2b",
            "digest": {
                "length": 2843.0,
                "function_hash": "144775300401497080653021760018901893669"
            },
            "deprecated": false,
            "id": "CVE-2022-48647-89bd2a2a",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5f623a77cfc2d501d72bcb4f9ee71721e6c766ff",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "154612989274927299147245977853288551539",
                    "166966232097298280022452943803690043357",
                    "276067396533295319290266214201354545425",
                    "40982682941509001151011643429431098416"
                ]
            },
            "deprecated": false,
            "id": "CVE-2022-48647-8b206ed2",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c",
                "function": "efx_probe_interrupts"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5f623a77cfc2d501d72bcb4f9ee71721e6c766ff",
            "digest": {
                "length": 2843.0,
                "function_hash": "144775300401497080653021760018901893669"
            },
            "deprecated": false,
            "id": "CVE-2022-48647-b029f98c",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b4afd3878f961d3517f27b3213730fceef77945c",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "154612989274927299147245977853288551539",
                    "166966232097298280022452943803690043357",
                    "276067396533295319290266214201354545425",
                    "40982682941509001151011643429431098416"
                ]
            },
            "deprecated": false,
            "id": "CVE-2022-48647-c6424ba3",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "drivers/net/ethernet/sfc/efx_channels.c",
                "function": "efx_probe_interrupts"
            },
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b4afd3878f961d3517f27b3213730fceef77945c",
            "digest": {
                "length": 2843.0,
                "function_hash": "144775300401497080653021760018901893669"
            },
            "deprecated": false,
            "id": "CVE-2022-48647-c9f8690f",
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.146
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.71
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.19.12