CVE-2024-50001

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net/mlx5: Fix error path in multi-packet WQE transmit<br /> <br /> Remove the erroneous unmap in case no DMA mapping was established<br /> <br /> The multi-packet WQE transmit code attempts to obtain a DMA mapping for<br /> the skb. This could fail, e.g. under memory pressure, when the IOMMU<br /> driver just can&amp;#39;t allocate more memory for page tables. While the code<br /> tries to handle this in the path below the err_unmap label it erroneously<br /> unmaps one entry from the sq&amp;#39;s FIFO list of active mappings. Since the<br /> current map attempt failed this unmap is removing some random DMA mapping<br /> that might still be required. If the PCI function now presents that IOVA,<br /> the IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI<br /> function in error state.<br /> <br /> The erroneous behavior was seen in a stress-test environment that created<br /> memory pressure.