Bug 2348075 (CVE-2022-49516)

Summary: CVE-2022-49516 kernel: ice: always check VF VSI pointer values
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: dfreiber, drow, jburrell, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A potential NULL point vulnerability was found in the Linux kernel. The ice_get_vf_vsi function can return NULL in some cases when handling messages during a reset where the VSI is being removed and recreated, resulting in a loss of system availability.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2025-02-26 03:16:45 UTC 
In the Linux kernel, the following vulnerability has been resolved:

ice: always check VF VSI pointer values

The ice_get_vf_vsi function can return NULL in some cases, such as if
handling messages during a reset where the VSI is being removed and
recreated.

Several places throughout the driver do not bother to check whether this
VSI pointer is valid. Static analysis tools maybe report issues because
they detect paths where a potentially NULL pointer could be dereferenced.

Fix this by checking the return value of ice_get_vf_vsi everywhere.
Comment 1 Avinash Hanwate 2025-02-26 11:01:39 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022610-CVE-2022-49516-2748@gregkh/T
Comment 4 Avinash Hanwate 2025-02-26 15:26:39 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022610-CVE-2022-49516-2748@gregkh/T