CVE-2024-56649

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel where the ENETC PF and VF drivers share a function to configure MQPRIO, but only PF can configure preemptible TCs. This is because only PF has related registers, while VF does not. As a result, VF will access an invalid pointer when trying to access a non-existent register, causing a crash issue. Some PFs, such as eno1 and eno3 on LS1028A, also do not support configuring preemptible TCs and should be prevented from accessing these unimplemented registers.

Recommendations To resolve the issue, update to a version of the Linux kernel that includes the fix, such as version 6.6.74 or later. Additionally, consider disabling the enetc setup tc mqprio() function for VF drivers until a patch is available. Restrict access to the enetc change preemptible tcs() function for PF drivers that do not support configuring preemptible TCs, such as eno1 and eno3 on LS1028A.