vulnerability
Ubuntu: (CVE-2022-49725): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Feb 26, 2025 | Mar 3, 2025 | Mar 19, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
i40e: Fix call trace in setup_tx_descriptors
After PF reset and ethtool -t there was call trace in dmesg
sometimes leading to panic. When there was some time, around 5
seconds, between reset and test there were no errors.
Problem was that pf reset calls i40e_vsi_close in prep_for_reset
and ethtool -t calls i40e_vsi_close in diag_test. If there was not
enough time between those commands the second i40e_vsi_close starts
before previous i40e_vsi_close was done which leads to crash.
Add check to diag_test if pf is in reset and don't start offline
tests if it is true.
Add netif_info("testing failed") into unhappy path of i40e_diag_test()
Solution(s)
References
- CVE-2022-49725
- https://attackerkb.com/topics/CVE-2022-49725
- URL-https://git.kernel.org/linus/fd5855e6b1358e816710afee68a1d2bc685176ca
- URL-https://git.kernel.org/stable/c/0a4e5a3dc5e41212870e6043895ae02455c93f63
- URL-https://git.kernel.org/stable/c/15950157e2c24865b696db1c9ccc72743ae0e967
- URL-https://git.kernel.org/stable/c/322271351b0e41565171e4cce70ea41854fac115
- URL-https://git.kernel.org/stable/c/5ba9956ca57e361fb13ea369bb753eb33177acc7
- URL-https://git.kernel.org/stable/c/814092927a215f5ca6c08249ec72a205e0b473cd
- URL-https://git.kernel.org/stable/c/fd5855e6b1358e816710afee68a1d2bc685176ca
- URL-https://git.kernel.org/stable/c/ff6e03fe84bc917bb0c907d02de668c2fe101712
- URL-https://www.cve.org/CVERecord?id=CVE-2022-49725
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.