{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48883", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-16T11:38:08.924Z", "datePublished": "2024-08-21T06:10:14.763Z", "dateUpdated": "2024-11-04T12:18:27.213Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:18:27.213Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent\n\nA user is able to configure an arbitrary number of rx queues when\ncreating an interface via netlink. This doesn't work for child PKEY\ninterfaces because the child interface uses the parent receive channels.\n\nAlthough the child shares the parent's receive channels, the number of\nrx queues is important for the channel_stats array: the parent's rx\nchannel index is used to access the child's channel_stats. So the array\nhas to be at least as large as the parent's rx queue size for the\ncounting to work correctly and to prevent out of bound accesses.\n\nThis patch checks for the mentioned scenario and returns an error when\ntrying to create the interface. The error is propagated to the user."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib_vlan.c"], "versions": [{"version": "be98737a4faa", "lessThan": "5844a46f09f7", "status": "affected", "versionType": "git"}, {"version": "be98737a4faa", "lessThan": "31c70bfe58ef", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib_vlan.c"], "versions": [{"version": "5.17", "status": "affected"}, {"version": "0", "lessThan": "5.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.7", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/5844a46f09f768da866d6b0ffbf1a9073266bf24"}, {"url": "https://git.kernel.org/stable/c/31c70bfe58ef09fe36327ddcced9143a16e9e83d"}], "title": "net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48883", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:04:49.165689Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:32:52.439Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48883", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:04:49.165689Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:11.815Z"}}], "cna": {"title": "net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "be98737a4faa", "lessThan": "5844a46f09f7", "versionType": "git"}, {"status": "affected", "version": "be98737a4faa", "lessThan": "31c70bfe58ef", "versionType": "git"}], "programFiles": ["drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib_vlan.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.17"}, {"status": "unaffected", "version": "0", "lessThan": "5.17", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.7", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.2", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib_vlan.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/5844a46f09f768da866d6b0ffbf1a9073266bf24"}, {"url": "https://git.kernel.org/stable/c/31c70bfe58ef09fe36327ddcced9143a16e9e83d"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent\n\nA user is able to configure an arbitrary number of rx queues when\ncreating an interface via netlink. This doesn't work for child PKEY\ninterfaces because the child interface uses the parent receive channels.\n\nAlthough the child shares the parent's receive channels, the number of\nrx queues is important for the channel_stats array: the parent's rx\nchannel index is used to access the child's channel_stats. So the array\nhas to be at least as large as the parent's rx queue size for the\ncounting to work correctly and to prevent out of bound accesses.\n\nThis patch checks for the mentioned scenario and returns an error when\ntrying to create the interface. The error is propagated to the user."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:18:27.213Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48883", "state": "PUBLISHED", "dateUpdated": "2024-11-04T12:18:27.213Z", "dateReserved": "2024-07-16T11:38:08.924Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-08-21T06:10:14.763Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent\n\nA user is able to configure an arbitrary number of rx queues when\ncreating an interface via netlink. This doesn't work for child PKEY\ninterfaces because the child interface uses the parent receive channels.\n\nAlthough the child shares the parent's receive channels, the number of\nrx queues is important for the channel_stats array: the parent's rx\nchannel index is used to access the child's channel_stats. So the array\nhas to be at least as large as the parent's rx queue size for the\ncounting to work correctly and to prevent out of bound accesses.\n\nThis patch checks for the mentioned scenario and returns an error when\ntrying to create the interface. The error is propagated to the user."}], "id": "CVE-2022-48883", "lastModified": "2024-08-21T12:30:33.697", "metrics": {}, "published": "2024-08-21T07:15:04.933", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/31c70bfe58ef09fe36327ddcced9143a16e9e83d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5844a46f09f768da866d6b0ffbf1a9073266bf24"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2023:2951", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-477.10.1.el8_8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2458", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-284.11.1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}, {"advisory": "RHSA-2023:2458", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-284.11.1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "kernel: net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent", "id": "2306404", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306404"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.6", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "status": "verified"}, "cwe": "CWE-130", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent\nA user is able to configure an arbitrary number of rx queues when\ncreating an interface via netlink. This doesn't work for child PKEY\ninterfaces because the child interface uses the parent receive channels.\nAlthough the child shares the parent's receive channels, the number of\nrx queues is important for the channel_stats array: the parent's rx\nchannel index is used to access the child's channel_stats. So the array\nhas to be at least as large as the parent's rx queue size for the\ncounting to work correctly and to prevent out of bound accesses.\nThis patch checks for the mentioned scenario and returns an error when\ntrying to create the interface. The error is propagated to the user."], "name": "CVE-2022-48883", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-08-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48883\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48883\nhttps://lore.kernel.org/linux-cve-announce/2024082108-CVE-2022-48883-4df4@gregkh/T"], "statement": "This issue is fixed in RHEL-9.2 and above (including RHEL 8.10)\n~~~\nin (rhel-8.8, rhel-8.9, rhel-8.10) net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent\nin (rhel-9.2, rhel-9.3, rhel-9.4, rhel-9.5) net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent\n~~~\nPlease note that while RHEL-9 kernel-rt still appears as affected, it has been fixed in the same RHSA as RHEL-9 kernel. This is because from RHEL-9.3 onwards, the kernel and kernel-rt fixes are bundled together in a single errata.", "threat_severity": "Moderate"}