CVE-2022-48644

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The vulnerability is caused by an API design decision in the Linux kernel's net/sched component, specifically in the taprio qdisc. When attempting full offload, the taprio qdisc starts with invalid flags, which are then replaced with parsed flags from netlink. However, in the taprio destroy function, the taprio disable offload function is called based on the FULL OFFLOAD IS ENABLED macro, which performs a bitwise check on the flags. If the flags contain TAPRIO FLAGS INVALID, the macro will return true, leading to a potential kernel crash if user space forces an error between setting the flags and calling taprio enable offload. This is because drivers do not expect the offload to be disabled when it was never enabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.