CVE-2022-49099

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17-rc7

Description A vulnerability in the Linux kernel has been resolved. The issue was related to the initialization of device objects in the vmbus device register() function. The device's dma mask and dma parms pointers, as well as the device's dma mask value, were not properly initialized before invoking device register(). This led to a warning trace being generated.

Recommendations For Linux kernel versions prior to 5.17-rc7, update to version 5.17-rc7 or later to resolve the issue. As a temporary workaround, consider disabling the vmbus device register() function until a patch is available. Restrict access to the hv vmbus module to minimize the risk of exploitation. Avoid using the dma mask and dma parms variables in the affected code until the issue is resolved.