Linux · Linux Kernel · CVE-2022-48949
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
A vulnerability in the Linux kernel has been resolved. The issue is related to the igb driver, where a mailbox message for VF reset is not properly initialized when a MAC address is not assigned to the VF. This can lead to information leakage to the VM, as the memory allocated from the stack may contain sensitive data. To address this, the message buffer is initialized to 0 to prevent any information from being passed to the VM.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.