CVE-2022-49134

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
26/02/2025
Last modified:
01/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

mlxsw: spectrum: Guard against invalid local ports

When processing events generated by the device's firmware, the driver protects itself from events reported for non-existent local ports, but not for the CPU port (local port 0), which exists, but does not have all the fields as any local port.

This can result in a NULL pointer dereference when trying to access 'struct mlxsw_sp_port' fields which are not initialized for CPU port.

Commit 63b08b1f6834 ("mlxsw: spectrum: Protect driver from buggy firmware") already handled such issue by bailing early when processing a PUDE event reported for the CPU port.

Generalize the approach by moving the check to a common function and making use of it in all relevant places.
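A simplified user-space model of the check described above, added here as an illustration and not taken from the kernel source. All struct, function and constant names are hypothetical; the port table is constructed sample data in which the CPU port exists but has one field left NULL.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define CPU_PORT  0  /* local port 0, as in the description */
#define MAX_PORTS 4  /* constructed table size (assumption) */

/* Hypothetical stand-ins for the driver's per-port state. */
struct port_stats { uint64_t link_events; };
struct sp_port { uint16_t local_port; struct port_stats *stats; };
struct sp { struct sp_port *ports[MAX_PORTS]; };

/* Before: rejects only non-existent ports, so the CPU port passes. */
static bool port_created(const struct sp *sp, uint16_t local_port)
{
    return local_port < MAX_PORTS && sp->ports[local_port] != NULL;
}

/* After: one common check that also rejects the CPU port. */
static bool local_port_valid(const struct sp *sp, uint16_t local_port)
{
    if (local_port == CPU_PORT)
        return false;
    return port_created(sp, local_port);
}

/* Handler for a firmware-reported port event: 0 if handled,
 * -1 if the event was dropped before any field was touched. */
static int handle_port_event(struct sp *sp, uint16_t local_port)
{
    if (!local_port_valid(sp, local_port))
        return -1;
    sp->ports[local_port]->stats->link_events++; /* stats is non-NULL here */
    return 0;
}

/* Constructed sample: CPU port exists but its stats field is NULL. */
static struct sp *sample_sp(void)
{
    static struct port_stats st1;
    static struct sp_port cpu = { CPU_PORT, NULL };
    static struct sp_port p1 = { 1, &st1 };
    static struct sp sp = { { &cpu, &p1 } };
    return &sp;
}

int main(void)
{
    struct sp *sp = sample_sp();
    return handle_port_event(sp, CPU_PORT) == -1 && handle_port_event(sp, 1) == 0 ? 0 : 1;
}
```

With only the existence check, an event for port 0 would reach the `stats` dereference; the common check drops it first.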

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.17.3 (excluding)