CVE-2022-50636

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained an issue where the pci device is present() function did not correctly identify Virtual Functions (VFs). This occurred because the function read Vendor and Device IDs, which are set to 0xffff for VFs, incorrectly indicating they were not present. The fix involves checking the Physical Function (PF) instead. This issue could cause virtio I/O operations to hang when the driver is unbound or when the number of virtual functions is set to zero, potentially leading to system instability. Specifically, if virtio I/O was in progress during device removal, the operation could hang, resulting in a stalled task and incomplete I/O. The pci device is present(VF) function returning false in virtio pci remove() caused the system to call virtio break device(), which in turn prevented the completion of virtio I/O operations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.