CVE-2022-49208

Source
https://cve.org/CVERecord?id=CVE-2022-49208
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49208.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49208
Published
2025-02-26T01:55:46.666Z
Modified
2026-03-12T03:24:47.728763Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
RDMA/irdma: Prevent some integer underflows
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Prevent some integer underflows

My static checker complains that:

drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init()
warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'?

It appears that "info->dev->hmc_fpm_misc.max_ceqs" comes from the firmware in irdma_sc_parse_fpm_query_buf() so, yes, there is a chance that it could be zero. Even if we trust the firmware, it's easy enough to change the condition just as a hardening measure.
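
The underflow described above, as an added example that is not the driver's code: the function names, the 32-bit unsigned types and the exact shape of the pre-fix comparison (ceq_id > max_ceqs - 1) are assumptions, since this record does not show the patched lines. It compares that shape with a subtraction-free check over a small range to show that the two differ only when the firmware-reported limit is zero.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed pre-fix shape: subtracting from the firmware-supplied limit. */
static bool ceq_id_rejected_subtract(uint32_t ceq_id, uint32_t max_ceqs)
{
    /* With max_ceqs == 0 the bound wraps to UINT32_MAX, so nothing is rejected. */
    return ceq_id > max_ceqs - 1;
}

/* Hardened shape: no arithmetic on the untrusted value. */
static bool ceq_id_rejected_hardened(uint32_t ceq_id, uint32_t max_ceqs)
{
    return ceq_id >= max_ceqs;
}

/*
 * Count (ceq_id, max_ceqs) pairs below `limit` on which the two checks
 * disagree. With skip_zero_max set, pairs where max_ceqs == 0 are ignored.
 */
static unsigned count_disagreements(uint32_t limit, bool skip_zero_max)
{
    unsigned diffs = 0;

    for (uint32_t max = skip_zero_max ? 1 : 0; max < limit; max++)
        for (uint32_t id = 0; id < limit; id++)
            if (ceq_id_rejected_subtract(id, max) !=
                ceq_id_rejected_hardened(id, max))
                diffs++;
    return diffs;
}

int main(void)
{
    /* Constructed inputs: ids and limits in the range 0..63. */
    printf("disagreements, all limits:     %u\n", count_disagreements(64, false));
    printf("disagreements, nonzero limits: %u\n", count_disagreements(64, true));
    printf("max_ceqs=0 ceq_id=5: subtract rejects=%d, hardened rejects=%d\n",
           ceq_id_rejected_subtract(5, 0), ceq_id_rejected_hardened(5, 0));
    return 0;
}
```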

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49208.json",
    "cna_assigner": "Linux"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3f49d684256963d3f27dfb9d9ff228e2255be78d
Fixed
d52dab6e03550f9c97121b0c11c0a3ed78ee76a4
Fixed
f21056f15bbeacab7b4b87af232f5599d1f2bff1
Fixed
7340c3675d7ac946f4019b84cd7c64ed542dfe4c
Fixed
6f6dbb819dfc1a35bcb8b709b5c83a3ea8beff75

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49208.json"