PT-2024-11805 · Linux+5 · Linux Kernel+5

Rafael Richter · Published 2022-02-09 · Updated 2024-09-27 · CVE-2022-48808

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.16.5-00042-g8f5585009b24

Description

The issue arises when a system with an LX2160A and Marvell DSA switches reboots while the DSA master (dpaa2-eth) is active. The kernel panics because deregistering the master causes a dev_close(), which is delivered as NETDEV_GOING_DOWN to dsa_slave_netdevice_event(). By that point dsa_switch_shutdown() has already run and unregistered the DSA slave interfaces, so the NETDEV_GOING_DOWN handler's attempt to call dev_close_many() on those slave interfaces results in a problem. The previous approach of avoiding this by unregistering the slave interfaces after dsa_switch_shutdown() was called is deemed improper. Instead, resetting the master->dsa_ptr pointer to NULL after the slaves have stopped being uppers of the DSA master resolves the issue by making DSA ignore future notifier events on the master.

Recommendations

To resolve this issue, update the Linux kernel to a version that includes the fix "net: dsa: fix panic when DSA master device unbinds on shutdown". Specifically, ensure that the kernel version is 5.16.5-00042-g8f5585009b24 or later. If updating is not immediately possible, consider implementing a workaround by resetting the master->dsa_ptr pointer to NULL after the slaves have stopped being uppers of the DSA master, which prevents the NETDEV_GOING_DOWN handler from attempting to call dev_close_many() on unregistered slave interfaces.
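
The shutdown ordering described above, and why clearing master->dsa_ptr makes the later notifier event harmless, can be followed in a small userspace model. This is an added example, not kernel code and not the upstream patch; the structs slave, port and master and the functions master_going_down, switch_shutdown and simulate_reboot are hypothetical stand-ins for the netdevs, the NETDEV_GOING_DOWN handler and dsa_switch_shutdown().

```c
/* Userspace model only: simplified, hypothetical stand-ins, not kernel code. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct slave  { bool registered; bool up; };        /* models a DSA slave netdev */
struct port   { struct slave *slaves; size_t n; };  /* models what dsa_ptr points to */
struct master { struct port *dsa_ptr; };            /* models the DSA master netdev */

/* Models the NETDEV_GOING_DOWN path; returns the number of invalid closes. */
static int master_going_down(struct master *m)
{
    int invalid = 0;

    if (!m->dsa_ptr)        /* no longer treated as a DSA master: ignore event */
        return 0;
    for (size_t i = 0; i < m->dsa_ptr->n; i++) {
        struct slave *s = &m->dsa_ptr->slaves[i];
        if (s->registered)
            s->up = false;  /* normal close of a live slave */
        else
            invalid++;      /* close on an unregistered slave: the panic case */
    }
    return invalid;
}

/* Models shutdown: slaves are unregistered; the fix also clears dsa_ptr. */
static void switch_shutdown(struct master *m, bool with_fix)
{
    for (size_t i = 0; i < m->dsa_ptr->n; i++)
        m->dsa_ptr->slaves[i].registered = false;
    if (with_fix)
        m->dsa_ptr = NULL;
}

/* Reboot ordering from the description: shutdown first, master down second. */
int simulate_reboot(bool with_fix)
{
    struct slave slaves[2] = { { true, true }, { true, true } };
    struct port port = { slaves, 2 };
    struct master master = { &port };

    switch_shutdown(&master, with_fix);
    return master_going_down(&master);
}

int main(void)
{
    printf("invalid closes: %d without fix, %d with fix\n",
           simulate_reboot(false), simulate_reboot(true));
}
```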

Exploit

Fix

Improper Resource Release

Weakness Enumeration

Related Identifiers

BDU:2025-03965
CVE-2022-48808
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3483-1
USN-6917-1
USN-6919-1
USN-6927-1
USN-7019-1

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu