In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Avoid order-5 memory allocation for TPA data
The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the amount of memory we allocate is order-5 on systems using 4K pages. Memory allocation failure has been reported:
NetworkManager: page allocation failure: order:5, mode:0x40dc0(GFPKERNEL|GFPCOMP|GFPZERO), nodemask=(null),cpuset=/,memsallowed=0-1 CPU: 15 PID: 2995 Comm: NetworkManager Kdump: loaded Not tainted 5.10.156 #1 Hardware name: Dell Inc. PowerEdge R660/0M1CC5, BIOS 0.2.25 08/12/2022 Call Trace: dumpstack+0x57/0x6e warnalloc.cold.120+0x7b/0xdd ? condresched+0x15/0x30 ? _allocpagesdirectcompact+0x15f/0x170 _allocpagesslowpath.constprop.108+0xc58/0xc70 _allocpagesnodemask+0x2d0/0x300 kmallocorder+0x24/0xe0 kmallocordertrace+0x19/0x80 bnxtallocmem+0x1150/0x15c0 [bnxten] ? bnxtgetfuncstatctxs+0x13/0x60 [bnxten] _bnxtopennic+0x12e/0x780 [bnxten] bnxtopen+0x10b/0x240 [bnxten] _devopen+0xe9/0x180 _devchangeflags+0x1af/0x220 devchangeflags+0x21/0x60 do_setlink+0x35c/0x1100
Instead of allocating this big chunk of memory and dividing it up for the concurrent TPA instances, allocate each small chunk separately for each TPA instance. This will reduce it to order-0 allocations.
{ "vanir_signatures": [ { "id": "CVE-2023-53134-1070fdb0", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d16701a385b54f44bf41ff1d7485e7a11080deb3", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "56198636162665188071121389271392961416", "281034948028840789849045913328146177553", "205504154547700076207381844484870602132", "180417441891417037682565626263188381708", "300533424997993221955760112165555799989", "154330598119201606479567702415397189029", "305176665930153672808588536271721709718", "224536502462765236308270248817225672542", "134770584398030615678299564282528191890", "292427160127737365132188177205875835255", "259900709584821075550955414579711529901", "194329054818803122217479727836610886467", "111796564208536193603829318954650327306", "146006532506132162048853283935643013086", "139607337313002397947418585966787876463", "300566151573628477819405718425302685507", "205526212451013905834474717317114018256", "38483650588674014525658383601761373340", "27294489097498078160400965176130746232", "125638488365150946441036491244871722709", "323845631818439522232098288508182514013", "294662029988260642787332698218130735714", "134161497386623440770983849196969415323", "283710827799500303638687192842533862282", "183268460454126317464209545668852905324", "58809862518775897466483008373923931998", "92308368507489567573539282973789631089", "225880839588366549337490317360101056332" ] }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c" } }, { "id": "CVE-2023-53134-1773a6b8", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@20fd0607acbf9770db9b99e3418dd75614f80b6c", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "56198636162665188071121389271392961416", "281034948028840789849045913328146177553", "205504154547700076207381844484870602132", "180417441891417037682565626263188381708", "300533424997993221955760112165555799989", "154330598119201606479567702415397189029", "305176665930153672808588536271721709718", "224536502462765236308270248817225672542", "134770584398030615678299564282528191890", "292427160127737365132188177205875835255", "259900709584821075550955414579711529901", "194329054818803122217479727836610886467", "111796564208536193603829318954650327306", "146006532506132162048853283935643013086", "139607337313002397947418585966787876463", "300566151573628477819405718425302685507", "205526212451013905834474717317114018256", "38483650588674014525658383601761373340", "27294489097498078160400965176130746232", "125638488365150946441036491244871722709", "323845631818439522232098288508182514013", "294662029988260642787332698218130735714", "134161497386623440770983849196969415323", "283710827799500303638687192842533862282", "183268460454126317464209545668852905324", "58809862518775897466483008373923931998", "92308368507489567573539282973789631089", "225880839588366549337490317360101056332" ] }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c" } }, { "id": "CVE-2023-53134-4e9f180e", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ad529d1fae1565d38f929479d4ea8aea90054bd2", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 980.0, "function_hash": "27663722755915958258029321579591792013" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_alloc_tpa_info" } }, { "id": "CVE-2023-53134-573a169b", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d16701a385b54f44bf41ff1d7485e7a11080deb3", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 980.0, "function_hash": "27663722755915958258029321579591792013" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_alloc_tpa_info" } }, { "id": "CVE-2023-53134-58d3e060", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16f3aae1aa2dd89bc8d073a67f190af580386ae9", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 385.0, "function_hash": "220244701210282180210778338346329080269" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_free_tpa_info" } }, { "id": "CVE-2023-53134-5a25e02a", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16f3aae1aa2dd89bc8d073a67f190af580386ae9", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 980.0, "function_hash": "27663722755915958258029321579591792013" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_alloc_tpa_info" } }, { "id": "CVE-2023-53134-68e5c9be", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@accd7e23693aaaa9aa0d3e9eca0ae77d1be80ab3", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 385.0, "function_hash": "220244701210282180210778338346329080269" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_free_tpa_info" } }, { "id": "CVE-2023-53134-6b103917", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d16701a385b54f44bf41ff1d7485e7a11080deb3", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 385.0, "function_hash": "220244701210282180210778338346329080269" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_free_tpa_info" } }, { "id": "CVE-2023-53134-741c65f8", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@20fd0607acbf9770db9b99e3418dd75614f80b6c", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 385.0, "function_hash": "220244701210282180210778338346329080269" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_free_tpa_info" } }, { "id": "CVE-2023-53134-8420c63f", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ad529d1fae1565d38f929479d4ea8aea90054bd2", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 385.0, "function_hash": "220244701210282180210778338346329080269" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_free_tpa_info" } }, { "id": "CVE-2023-53134-94027c2c", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@20fd0607acbf9770db9b99e3418dd75614f80b6c", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 980.0, "function_hash": "27663722755915958258029321579591792013" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_alloc_tpa_info" } }, { "id": "CVE-2023-53134-bdd495a0", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fcae40e65802547def39b4deaa2ae38a29864d81", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 385.0, "function_hash": "220244701210282180210778338346329080269" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_free_tpa_info" } }, { "id": "CVE-2023-53134-c330f837", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@accd7e23693aaaa9aa0d3e9eca0ae77d1be80ab3", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "56198636162665188071121389271392961416", "281034948028840789849045913328146177553", "205504154547700076207381844484870602132", "180417441891417037682565626263188381708", "300533424997993221955760112165555799989", "154330598119201606479567702415397189029", "305176665930153672808588536271721709718", "224536502462765236308270248817225672542", "134770584398030615678299564282528191890", "292427160127737365132188177205875835255", "259900709584821075550955414579711529901", "194329054818803122217479727836610886467", "111796564208536193603829318954650327306", "146006532506132162048853283935643013086", "139607337313002397947418585966787876463", "300566151573628477819405718425302685507", "205526212451013905834474717317114018256", "38483650588674014525658383601761373340", "27294489097498078160400965176130746232", "125638488365150946441036491244871722709", "323845631818439522232098288508182514013", "294662029988260642787332698218130735714", "134161497386623440770983849196969415323", "283710827799500303638687192842533862282", "183268460454126317464209545668852905324", "58809862518775897466483008373923931998", "92308368507489567573539282973789631089", "225880839588366549337490317360101056332" ] }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c" } }, { "id": "CVE-2023-53134-d5c5074e", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ad529d1fae1565d38f929479d4ea8aea90054bd2", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "56198636162665188071121389271392961416", "281034948028840789849045913328146177553", "205504154547700076207381844484870602132", "180417441891417037682565626263188381708", "300533424997993221955760112165555799989", "154330598119201606479567702415397189029", "305176665930153672808588536271721709718", "224536502462765236308270248817225672542", "134770584398030615678299564282528191890", "292427160127737365132188177205875835255", "259900709584821075550955414579711529901", "194329054818803122217479727836610886467", "111796564208536193603829318954650327306", "146006532506132162048853283935643013086", "139607337313002397947418585966787876463", "300566151573628477819405718425302685507", "205526212451013905834474717317114018256", "38483650588674014525658383601761373340", "27294489097498078160400965176130746232", "125638488365150946441036491244871722709", "323845631818439522232098288508182514013", "294662029988260642787332698218130735714", "134161497386623440770983849196969415323", "283710827799500303638687192842533862282", "183268460454126317464209545668852905324", "58809862518775897466483008373923931998", "92308368507489567573539282973789631089", "225880839588366549337490317360101056332" ] }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c" } }, { "id": "CVE-2023-53134-e77b7f1e", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@accd7e23693aaaa9aa0d3e9eca0ae77d1be80ab3", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 980.0, "function_hash": "27663722755915958258029321579591792013" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_alloc_tpa_info" } }, { "id": "CVE-2023-53134-eae32860", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fcae40e65802547def39b4deaa2ae38a29864d81", "deprecated": false, "signature_version": "v1", "signature_type": "Function", "digest": { "length": 980.0, "function_hash": "27663722755915958258029321579591792013" }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c", "function": "bnxt_alloc_tpa_info" } }, { "id": "CVE-2023-53134-ed4165fe", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16f3aae1aa2dd89bc8d073a67f190af580386ae9", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "56198636162665188071121389271392961416", "281034948028840789849045913328146177553", "205504154547700076207381844484870602132", "180417441891417037682565626263188381708", "300533424997993221955760112165555799989", "154330598119201606479567702415397189029", "305176665930153672808588536271721709718", "224536502462765236308270248817225672542", "134770584398030615678299564282528191890", "292427160127737365132188177205875835255", "259900709584821075550955414579711529901", "194329054818803122217479727836610886467", "111796564208536193603829318954650327306", "146006532506132162048853283935643013086", "139607337313002397947418585966787876463", "300566151573628477819405718425302685507", "205526212451013905834474717317114018256", "38483650588674014525658383601761373340", "27294489097498078160400965176130746232", "125638488365150946441036491244871722709", "323845631818439522232098288508182514013", "294662029988260642787332698218130735714", "134161497386623440770983849196969415323", "283710827799500303638687192842533862282", "183268460454126317464209545668852905324", "58809862518775897466483008373923931998", "92308368507489567573539282973789631089", "225880839588366549337490317360101056332" ] }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c" } }, { "id": "CVE-2023-53134-f91f59d1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fcae40e65802547def39b4deaa2ae38a29864d81", "deprecated": false, "signature_version": "v1", "signature_type": "Line", "digest": { "threshold": 0.9, "line_hashes": [ "56198636162665188071121389271392961416", "281034948028840789849045913328146177553", "205504154547700076207381844484870602132", "180417441891417037682565626263188381708", "300533424997993221955760112165555799989", "154330598119201606479567702415397189029", "305176665930153672808588536271721709718", "224536502462765236308270248817225672542", "134770584398030615678299564282528191890", "292427160127737365132188177205875835255", "259900709584821075550955414579711529901", "194329054818803122217479727836610886467", "111796564208536193603829318954650327306", "146006532506132162048853283935643013086", "139607337313002397947418585966787876463", "300566151573628477819405718425302685507", "205526212451013905834474717317114018256", "38483650588674014525658383601761373340", "27294489097498078160400965176130746232", "125638488365150946441036491244871722709", "323845631818439522232098288508182514013", "294662029988260642787332698218130735714", "134161497386623440770983849196969415323", "283710827799500303638687192842533862282", "183268460454126317464209545668852905324", "58809862518775897466483008373923931998", "92308368507489567573539282973789631089", "225880839588366549337490317360101056332" ] }, "target": { "file": "drivers/net/ethernet/broadcom/bnxt/bnxt.c" } } ] }