CVE-2022-49925
Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 01/05/2025
Last modified: 01/10/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Fix null-ptr-deref in ib_core_cleanup()

KASAN reported a null-ptr-deref error:

```
KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]
CPU: 1 PID: 379
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)
RIP: 0010:destroy_workqueue+0x2f/0x740
RSP: 0018:ffff888016137df8 EFLAGS: 00000202
...
Call Trace:
ib_core_cleanup+0xa/0xa1 [ib_core]
__do_sys_delete_module.constprop.0+0x34f/0x5b0
do_syscall_64+0x3a/0x90
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fa1a0d221b7
...
```

This is because the failure of roce_gid_mgmt_init() is ignored:

```
ib_core_init()
  roce_gid_mgmt_init()
    gid_cache_wq = alloc_ordered_workqueue # fail
...
ib_core_cleanup()
  roce_gid_mgmt_cleanup()
    destroy_workqueue(gid_cache_wq)
    # destroy an unallocated wq
```

Fix this by catching the failure of roce_gid_mgmt_init() in ib_core_init().
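The init/cleanup mismatch described above, as an added user-space model (not kernel code and not the upstream patch). All function and variable names are hypothetical stand-ins, the allocation failure is injected by a constructed switch, and the cleanup counts NULL destroy calls instead of dereferencing the pointer:

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space model; every name here is a hypothetical stand-in. */
struct wq { int unused; };

static struct wq *gid_cache_wq; /* stays NULL when allocation fails */
static bool fail_alloc;         /* constructed fault-injection switch */
static int null_destroys;       /* destroy calls that received NULL */

static int gid_mgmt_init(void)
{
    gid_cache_wq = fail_alloc ? NULL : malloc(sizeof(*gid_cache_wq));
    return gid_cache_wq ? 0 : -ENOMEM;
}

static void gid_mgmt_cleanup(void)
{
    if (!gid_cache_wq) { /* model only: count where the kernel trace faults */
        null_destroys++;
        return;
    }
    free(gid_cache_wq);
    gid_cache_wq = NULL;
}

/* Before the fix: the sub-init result is dropped and init reports success. */
static int core_init_unchecked(void) { (void)gid_mgmt_init(); return 0; }

/* After the fix: the error is returned, so the module load fails. */
static int core_init_checked(void) { return gid_mgmt_init(); }

/* The exit handler only runs for a module whose init returned 0. */
static int load_then_unload(int (*init)(void), bool inject_failure)
{
    null_destroys = 0;
    fail_alloc = inject_failure;
    if (init() == 0)
        gid_mgmt_cleanup();
    return null_destroys;
}

int main(void)
{
    printf("NULL destroys: unchecked=%d checked=%d\n",
           load_then_unload(core_init_unchecked, true),
           load_then_unload(core_init_checked, true));
    return 0;
}
```

With the result propagated, a failed allocation means the module never finishes loading, so the unload path that reached destroy_workqueue() in the trace is never taken.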
Impact
Base Score 3.x: 5.50
Severity 3.x: MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.3 (including) | 5.4.224 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.154 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.78 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.0.8 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:* | | |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/07c0d131cc0fe1f3981a42958fc52d573d303d89
- https://git.kernel.org/stable/c/6b3d5dcb12347f3518308c2c9d2cf72453a3e1e5
- https://git.kernel.org/stable/c/ab817f75e5e0fa58d9be0825da6a7b7d8a1fa1d9
- https://git.kernel.org/stable/c/af8fb5a0600e9ae29950e9422a032c3c22649ee5
- https://git.kernel.org/stable/c/d360e875c011a005628525bf290322058927e7dc



