CVE-2022-48883

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
21/08/2024
Last modified:
21/08/2024

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent<br /> <br /> A user is able to configure an arbitrary number of rx queues when<br /> creating an interface via netlink. This doesn&amp;#39;t work for child PKEY<br /> interfaces because the child interface uses the parent receive channels.<br /> <br /> Although the child shares the parent&amp;#39;s receive channels, the number of<br /> rx queues is important for the channel_stats array: the parent&amp;#39;s rx<br /> channel index is used to access the child&amp;#39;s channel_stats. So the array<br /> has to be at least as large as the parent&amp;#39;s rx queue size for the<br /> counting to work correctly and to prevent out of bound accesses.<br /> <br /> This patch checks for the mentioned scenario and returns an error when<br /> trying to create the interface. The error is propagated to the user.

Impact