CVE-2022-49584
- Source
- https://cve.org/CVERecord?id=CVE-2022-49584
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49584.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49584
- Downstream
- Related
- Published
- 2025-02-26T02:23:20.600Z
- Modified
- 2026-03-20T12:24:40.017628Z
- Summary
- ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
It is possible to disable VFs while the PF driver is processing requests from the VF driver. This can result in a panic.
BUG: unable to handle kernel paging request at 000000000000106c PGD 0 P4D 0 Oops: 0000 [#1] SMP NOPTI CPU: 8 PID: 0 Comm: swapper/8 Kdump: loaded Tainted: G I --------- - Hardware name: Dell Inc. PowerEdge R740/06WXJT, BIOS 2.8.2 08/27/2020 RIP: 0010:ixgbemsgtask+0x4c8/0x1690 [ixgbe] Code: 00 00 48 8d 04 40 48 c1 e0 05 89 7c 24 24 89 fd 48 89 44 24 10 83 ff 01 0f 84 b8 04 00 00 4c 8b 64 24 10 4d 03 a5 48 22 00 00 <41> 80 7c 24 4c 00 0f 84 8a 03 00 00 0f b7 c7 83 f8 08 0f 84 8f 0a RSP: 0018:ffffb337869f8df8 EFLAGS: 00010002 RAX: 0000000000001020 RBX: 0000000000000000 RCX: 000000000000002b RDX: 0000000000000002 RSI: 0000000000000008 RDI: 0000000000000006 RBP: 0000000000000006 R08: 0000000000000002 R09: 0000000000029780 R10: 00006957d8f42832 R11: 0000000000000000 R12: 0000000000001020 R13: ffff8a00e8978ac0 R14: 000000000000002b R15: ffff8a00e8979c80 FS: 0000000000000000(0000) GS:ffff8a07dfd00000(0000) knlGS:00000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000000106c CR3: 0000000063e10004 CR4: 00000000007726e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <IRQ> ? ttwudowakeup+0x19/0x140 ? trytowakeup+0x1cd/0x550 ? ixgbevfupdatexcastmode+0x71/0xc0 [ixgbevf] ixgbemsixother+0x17e/0x310 [ixgbe] _handleirqeventpercpu+0x40/0x180 handleirqeventpercpu+0x30/0x80 handleirqevent+0x36/0x53 handleedgeirq+0x82/0x190 handleirq+0x1c/0x30 doIRQ+0x49/0xd0 commoninterrupt+0xf/0xf
This can be eventually be reproduced with the following script:
while : do echo 63 > /sys/class/net/<devname>/device/sriovnumvfs sleep 1 echo 0 > /sys/class/net/<devname>/device/sriovnumvfs sleep 1 done
Add lock when disabling SR-IOV to prevent process VF mailbox communication.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49584.json" }- References
-
- https://git.kernel.org/stable/c/031af9e617a6f51075d97e56fc9e712c7dde2508
- https://git.kernel.org/stable/c/16f929a5e76fd047fd8697e1e568bdd7d771955c
- https://git.kernel.org/stable/c/1e53834ce541d4fe271cdcca7703e50be0a44f8a
- https://git.kernel.org/stable/c/9d925d2dc82cec2bcbd8625457645d8a548ab22e
- https://git.kernel.org/stable/c/b82de63f8f817b5735480293dda8e92ba8170c52
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49584.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49584
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedd773d1310625be3b040b436178ad59a0af8888f1Fixed031af9e617a6f51075d97e56fc9e712c7dde2508Fixedb82de63f8f817b5735480293dda8e92ba8170c52Fixed16f929a5e76fd047fd8697e1e568bdd7d771955cFixed9d925d2dc82cec2bcbd8625457645d8a548ab22eFixed1e53834ce541d4fe271cdcca7703e50be0a44f8a