A flaw was found in the Linux kernels SR-IOV for IXGBE. The Intel IXGBE driver supports SR-IOV, allowing a single PCIe (PCI Express) device to emulate multiple separate PCIe devices. The emulated PCIe functions are called "virtual functions" (VFs) and can be exported into virtual guests to be used with some performance improvements compared to emulated virtual NIC devices used by vitualized systems. An attacker with the ability to modify the MTU of a virtualized PCIe device (in a guest for example) may crash the host systems kernel if they set the MTU of the VF device to an to an unsupported value. This is fixed in Red Hat Enterprise Linux 8 in kernel version kernel-4.18.0-419.el8 and newer. References: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00555.html https://security.netapp.com/advisory/ntap-20211210-0005/ Upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63e39d29b3da02e901349f6cd71159818a4737a6
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2068238]
This was fixed for Fedora with the 5.12.9 stable kernel update.