CVE-2022-50066

In the Linux kernel, the following vulnerability has been resolved:

net: atlantic: fix aq_vec index out of range error

The final update statement of the for loop exceeds the array range, the dereference of self->aq_vec[i] is not checked and then leads to the index out of range error. Also fixed this kind of coding style in other for loop.

[ 97.937604] UBSAN: array-index-out-of-bounds in drivers/net/ethernet/aquantia/atlantic/aqnic.c:1404:48 [ 97.937607] index 8 is out of range for type 'aqvecs *[8]' [ 97.937608] CPU: 38 PID: 3767 Comm: kworker/u256:18 Not tainted 5.19.0+ #2 [ 97.937610] Hardware name: Dell Inc. Precision 7865 Tower/, BIOS 1.0.0 06/12/2022 [ 97.937611] Workqueue: eventsunbound asyncrunentryfn [ 97.937616] Call Trace: [ 97.937617] <TASK> [ 97.937619] dumpstacklvl+0x49/0x63 [ 97.937624] dumpstack+0x10/0x16 [ 97.937626] ubsan_epilogue+0x9/0x3f [ 97.937627] __ubsanhandleoutofbounds.cold+0x44/0x49 [ 97.937629] ? __scmsend+0x348/0x440 [ 97.937632] ? aqvec_stop+0x72/0x80 [atlantic] [ 97.937639] aqnicstop+0x1b6/0x1c0 [atlantic] [ 97.937644] aqsuspendcommon+0x88/0x90 [atlantic] [ 97.937648] aqpmsuspendpoweroff+0xe/0x20 [atlantic] [ 97.937653] pcipmsuspend+0x7e/0x1a0 [ 97.937655] ? pcipmsuspendnoirq+0x2b0/0x2b0 [ 97.937657] dpmruncallback+0x54/0x190 [ 97.937660] _devicesuspend+0x14c/0x4d0 [ 97.937661] asyncsuspend+0x23/0x70 [ 97.937663] asyncrunentryfn+0x33/0x120 [ 97.937664] processonework+0x21f/0x3f0 [ 97.937666] workerthread+0x4a/0x3c0 [ 97.937668] ? processonework+0x3f0/0x3f0 [ 97.937669] kthread+0xf0/0x120 [ 97.937671] ? kthreadcompleteandexit+0x20/0x20 [ 97.937672] retfromfork+0x22/0x30 [ 97.937676] </TASK>

v2. fixed "warning: variable 'aq_vec' set but not used"

v3. simplified a for loop