CVE-2024-46857

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net/mlx5: Fix bridge mode operations when there are no VFs<br /> <br /> Currently, trying to set the bridge mode attribute when numvfs=0 leads to a<br /> crash:<br /> <br /> bridge link set dev eth2 hwmode vepa<br /> <br /> [ 168.967392] BUG: kernel NULL pointer dereference, address: 0000000000000030<br /> [...]<br /> [ 168.969989] RIP: 0010:mlx5_add_flow_rules+0x1f/0x300 [mlx5_core]<br /> [...]<br /> [ 168.976037] Call Trace:<br /> [ 168.976188] <br /> [ 168.978620] _mlx5_eswitch_set_vepa_locked+0x113/0x230 [mlx5_core]<br /> [ 168.979074] mlx5_eswitch_set_vepa+0x7f/0xa0 [mlx5_core]<br /> [ 168.979471] rtnl_bridge_setlink+0xe9/0x1f0<br /> [ 168.979714] rtnetlink_rcv_msg+0x159/0x400<br /> [ 168.980451] netlink_rcv_skb+0x54/0x100<br /> [ 168.980675] netlink_unicast+0x241/0x360<br /> [ 168.980918] netlink_sendmsg+0x1f6/0x430<br /> [ 168.981162] ____sys_sendmsg+0x3bb/0x3f0<br /> [ 168.982155] ___sys_sendmsg+0x88/0xd0<br /> [ 168.985036] __sys_sendmsg+0x59/0xa0<br /> [ 168.985477] do_syscall_64+0x79/0x150<br /> [ 168.987273] entry_SYSCALL_64_after_hwframe+0x76/0x7e<br /> [ 168.987773] RIP: 0033:0x7f8f7950f917<br /> <br /> (esw-&gt;fdb_table.legacy.vepa_fdb is null)<br /> <br /> The bridge mode is only relevant when there are multiple functions per<br /> port. Therefore, prevent setting and getting this setting when there are no<br /> VFs.<br /> <br /> Note that after this change, there are no settings to change on the PF<br /> interface using `bridge link` when there are no VFs, so the interface no<br /> longer appears in the `bridge link` output.