PT-2025-25928 · Linux+4 · Linux Kernel+4

Published 2022-08-22 · Updated 2026-05-26 · CVE-2022-50002

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.18.0-rc5_for_upstream_min_debug_2022_05_05_10_13

Description

The issue is an asymmetry between setting and clearing the MLX5_LAG_FLAG_NDEVS_READY flag in the Linux kernel's net/mlx5 module, which can lead to a NULL pointer dereference when the mlx5_lag_is_multipath() function is called. When the flag is set incorrectly, the ldev->pf[MLX5_LAG_P0].dev and ldev->pf[MLX5_LAG_P1].dev pointers may not be valid even though the flag is set, which can cause a kernel NULL pointer dereference.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix for the MLX5_LAG_FLAG_NDEVS_READY logic. As a temporary workaround, consider disabling the mlx5_do_bond() function until a patch is available. Restrict access to the vulnerable net/mlx5 module to minimize the risk of exploitation. Avoid using the MLX5_LAG_FLAG_NDEVS_READY flag in the affected kernel versions until the issue is resolved.

Exploit

Fix

DoS

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2026-04561
CESA-2023_2951
CVE-2022-50002
RHSA-2023:2458
RHSA-2023:2951
RHSA-2023_2458
RHSA-2023_2951
SUSE-SU-2025:02264-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:2264-1
SUSE-SU-2025_02264-1

Affected Products

Astra Linux
CentOS
Linux Kernel
Red Hat
SUSE